Subject: Re: IP source address security issue
To: None <email@example.com>
From: Charles M. Hannum <firstname.lastname@example.org>
Date: 01/28/1995 01:54:04
About six months ago, Ted Ts'o wrote a "physical randomness collector"
device driver for linux -- it kept a pool of random bits, mixing in
the low order bits of the high-resolution hardware clock on every
interrupt. This was primarily intended for user-mode cryptographic
applications (e.g, PGP & kerberos) but could also be used for ISN rate
It should be very simple to port this to NetBSD -- but it's probably
overkill for the current problem.
It's not just overkill. It's an unnecessary performance hit.
However, when NetBSD eventually
supports IP-layer security, it would be somewhat more useful.
What, pray tell, does `IP-layer security' *mean*?