[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Re: nvm.stripped versus botan
From: |
Zack Weinberg |
Subject: |
Re: [Monotone-devel] Re: nvm.stripped versus botan |
Date: |
Wed, 21 Jan 2009 09:23:59 -0800 |
On Tue, Jan 20, 2009 at 10:05 PM, Jack Lloyd <address@hidden> wrote:
...
> In particular I'd prefer not to simply disable particular sources,
> unless there really is no other workable solution.
>
> Having spent all of 3 minutes thinking about it, I'm wondering if the
> thing to do is drop the fast poll/slow poll distinction, which is
> pretty artificial, and instead use a notion like polling for no more
> than a given amount of time (possibly returning nothing if the source
> believes it cannot successfully poll in the given time slot [*]), or
> polling for a certain # of bits of entropy (estimated based on the
> particular sources knowledge/assumptions about what it is doing), or
> maybe both.
This sounds like it's going in the right direction.
Something else to consider is that the RNG user might like to specify
a quality parameter, based on what's being done with the randomness,
and sources could use that to adjust their behavior. For instance, I
understand that best practice on Linux is only to use /dev/random for
long-lived random numbers, such as stored keys; for nonces and session
keys using only /dev/urandom is considered more considerate to other
entropy users on the same system.
zw
[Monotone-devel] Re: nvm.stripped versus botan, Zack Weinberg, 2009/01/23