Subject: Re: replace kernel random number function
To: Steven M. Bellovin <smb@research.att.com>
From: Simon Burge <simonb@wasabisystems.com>
List: tech-security
Date: 10/23/2000 23:12:49
Cc: tech-security@netbsd.org, tech-kern@netbsd.org
In-Reply-To: Your message of "Mon, 23 Oct 2000 08:10:47 -0400 "
	<20001023121048.E3FA535DC2@smb.research.att.com> 
Date: Mon, 23 Oct 2000 23:12:49 +1100
Message-Id: <20001023121249.C647D1FF84@thoreau.thistledown.com.au>

"Steven M. Bellovin" wrote:

> The point of yarrow is to do that reseeding in a cryptographically 
> sound way.  (I'd frankly rather it ran in user space, of course.)

Since most or all of the entropy gathering is going to be by kernel
drivers I'd guess that a user-space implementation could get tricky.

I'm browsing the Yarrow paper (yarrow-full) - both the postscript and
PDF versions have two figures that are totally blank :-(

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/