[124333] in cryptography@c2.net mail archive
Re: [ROS] The perils of security tools
daemon@ATHENA.MIT.EDU (Ben Laurie)
Fri May 23 18:56:43 2008
Date: Fri, 23 May 2008 22:55:58 +0100
From: Ben Laurie <ben@links.org>
To: Florian Weimer <fw@deneb.enyo.de>
CC: "Steven M. Bellovin" <smb@cs.columbia.edu>,
Robust Open Source <open-source@csl.sri.com>,
Cryptography <cryptography@metzdowd.com>
In-Reply-To: <87mymgln7p.fsf@mid.deneb.enyo.de>
Florian Weimer wrote:
> * Ben Laurie:
>
>> I must confess that I said that because I did not have the energy to
>> figure out the other routes to adding entropy, such as adding an int
>> (e.g. a PID, which I'm told still makes it in there).
>
> The PID dependency is there because of the need for fork
> support--obviously, the PRNG must return a different key stream in the
> parent and child process, but the two cannot communicate with each
> other.
I'm fully aware why its there! I just wasn't sure (at the time) that
this change didn't also remove it.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com