Subject: RE: replace kernel random number function
To: None <tech-kern@netbsd.org>
From: Stefan Hülbrock <s.huelbrock@biodata.de>
List: tech-kern
Date: 10/23/2000 15:50:24
Hi,
I'd prefer it to run in the kernel because there a random pool
can be gathered from the interrupts...
surely this pool needs to be hashed before data is delivered
to the user process.

Did anyone take a look at the Linux kernel driver (sorry for this)?
It looks very promising to me. I guess a similar concept can be
built into NetBSD also. (Or can someone point out what
the problems connected to this are?)

Have a nice day...

Stefan

> In message <7475.972260746@coconut.itojun.org>, itojun@iijlab.net writes:
> >
> >>Where will you get the seeds?  That's the really hard part.
> >
> >	i thought of reseeding by rnd(4) random number device, like
> >	every N seconds.
> >
> >>The right thing to do would be to port yarrow (see www.counterpane.com,
> >>though I don't have the link available just now and I'm offline when
> >>writing this).  Unfortunately, it's filled with lots of DLL-ish things.
> >
> >	hmm, i'm sure we can strip DLL-ish part off.
>
> The point of yarrow is to do that reseeding in a cryptographically
> sound way.  (I'd frankly rather it ran in user space, of course.)
>
> 		--Steve Bellovin
>
>
>