GnuTLS -- certtool
Benny Amorsen
benny+usenet at amorsen.dk
Wed Mar 26 09:24:53 UTC 2008
Andrew Bartlett <abartlet at samba.org> writes:
> GnuTLS's egregious use of blocking /dev/random is indeed one of the more
> annoying things about this crypto package...
The alternative is to invent entropy that isn't there, and I don't
particularly like that option.
I wish the kernel would be more aggressive in grabbing entropy, but
there's a lot of fear that e.g. network entropy can be predicted. A
box without hard drive and keyboard/mouse is pretty much doomed as it
is. Maybe the kernel should generate pseudo-random hard drive seeks
when entropy runs out and disks are otherwise idle.
/Benny
More information about the fedora-devel-list
mailing list