--hAW+M2+FUO+onfmf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 21, 2006 at 11:21:31PM +0000, Christos Zoulas wrote:
> In article <20060821203839.GC18185@netbsd.org>,
> Bill Studenmund  <wrstuden@netbsd.org> wrote:
> >-=3D-=3D-=3D-=3D-=3D-
> >
> >On Mon, Aug 21, 2006 at 01:20:59PM -0700, Garrett D'Amore wrote:
> >>=20
> >> Yes, without random sources, you can't get any entropy bits.  Solution
> >> is to add sources for entropy.  Alternatively, use /dev/urandom which
> >> gives back data without blocking, but might not be cryptographically r=
obust.
> >
> >If you don't have ANY entropy sources, wouldn't it be better to error ou=
t=20
> >on the read? Yes, if you don't have any entropy sources, you shouldn't u=
se=20
> >/dev/random. But "Don't do that" seems a better response than blocking=
=20
> >forever.
>=20
> How about /dev/urandom?

That's a different question. Yes, if you don't have any entropy sources,=20
you should use /dev/urandom. But what do you do with code that is=20
hard-coded (or misconfigured) to still use /dev/random? Do you let it spin=
=20
forever, or do you tell it, "No, that won't work." It's kinda like, "You=20
missed a turn back there. Do you run off the cliff, or do you stop just at=
=20
the barrier before the cliff?"

To be honest, does it make sense for you to be able to open /dev/random=20
without any real entropy sources available? Userland can't add entropy=20
sources, so we don't need a control channel.

Take care,

Bill

--hAW+M2+FUO+onfmf
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (NetBSD)

iD8DBQFE6nnGWz+3JHUci9cRAudNAJ4wS/bYbwv2TabRA3HlxUGx/xw0ggCdEtzy
ibVw2Z+B9mvAhgiHyYnEiaY=
=rRBR
-----END PGP SIGNATURE-----

--hAW+M2+FUO+onfmf--