From owner-svn-src-all@freebsd.org  Thu Jul  2 19:22:39 2015
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 29A7D9935F7;
 Thu,  2 Jul 2015 19:22:39 +0000 (UTC)
 (envelope-from markm@FreeBSD.org)
Received: from gromit.grondar.org (grandfather.grondar.org
 [IPv6:2a01:348:0:15:5d59:5c20:0:2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id DDA59242B;
 Thu,  2 Jul 2015 19:22:38 +0000 (UTC)
 (envelope-from markm@FreeBSD.org)
Received: from graveyard.grondar.org ([88.96.155.33]
 helo=gronkulator.grondar.org)
 by gromit.grondar.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
 (Exim 4.85 (FreeBSD)) (envelope-from <markm@FreeBSD.org>)
 id 1ZAk4B-0003Hf-P1; Thu, 02 Jul 2015 20:22:37 +0100
Subject: Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9
 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest
 sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy...
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\))
Content-Type: text/plain; charset=us-ascii
From: Mark R V Murray <markm@FreeBSD.org>
In-Reply-To: <322.1435863348@chaos>
Date: Thu, 2 Jul 2015 20:22:35 +0100
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org, amesh@juniper.net, stevek@juniper.net
Content-Transfer-Encoding: 7bit
Message-Id: <7BE13556-EBB9-45A1-92B4-D137F4391E7E@FreeBSD.org>
References: <201506301700.t5UH0jPq001498@svn.freebsd.org>
 <13981.1435792025@chaos> <5238A439-F25E-40F1-96D4-140460003982@FreeBSD.org>
 <22423.1435862187@chaos> <284B5FB4-F487-4FBA-ABE6-D163065AFD1B@FreeBSD.org>
 <322.1435863348@chaos>
To: "Simon J. Gerraty" <sjg@juniper.net>
X-Mailer: Apple Mail (2.2102)
X-SA-Score: -1.0
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2015 19:22:39 -0000


> On 2 Jul 2015, at 19:55, Simon J. Gerraty <sjg@juniper.net> wrote:
> 
> Mark R V Murray <markm@freebsd.org> wrote:
>> If so, can I confirm that you may be rolling your own non-Yarrow/Fortuna
>> mixer(s)?
> 
> AFAIK no mixer allowed; just direct SP800-90 compliant HMAC-DRBG.
> You can probably guess why we don't agree that's a brilliant arrangement
> but its not an argument we can win.

IIRC, that still requires some stochastic input?

> Same would apply for anyone else doing FIPS 140 evaled products.

Sure.

M
-- 
Mark R V Murray