[124335] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: [ROS] The perils of security tools

daemon@ATHENA.MIT.EDU (Florian Weimer)
Fri May 23 18:58:02 2008

From: Florian Weimer <fw@deneb.enyo.de>
To: Ben Laurie <ben@links.org>
Cc: "Steven M. Bellovin" <smb@cs.columbia.edu>,  Robust Open Source <open-source@csl.sri.com>,  Cryptography <cryptography@metzdowd.com>
Date: Fri, 23 May 2008 23:33:46 +0200
In-Reply-To: <482A19F2.7020509@links.org> (Ben Laurie's message of "Tue, 13
	May 2008 23:45:06 +0100")

* Ben Laurie:

> I must confess that I said that because I did not have the energy to
> figure out the other routes to adding entropy, such as adding an int
> (e.g. a PID, which I'm told still makes it in there).

The PID dependency is there because of the need for fork
support--obviously, the PRNG must return a different key stream in the
parent and child process, but the two cannot communicate with each
other.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post