[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] Re: living without global variables
From: |
Simon Josefsson |
Subject: |
[gnutls-dev] Re: living without global variables |
Date: |
Mon, 09 Jan 2006 14:42:24 +0100 |
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
address@hidden (Bryan Henderson) writes:
> I don't really know much about encryption, but don't some OS kernels have
> device drivers that provide a computer-wide entropy pool?
Yes, if you build GnuTLS with crypto from gnulib, it will read
randomness from /dev/*random. There are at least two problems with
that approach:
1) /dev/*random doesn't provide good randomness on several platforms.
2) Reading a lot from /dev/*random might deplete the system randomness
pool.
/Simon
[gnutls-dev] Re: living without global variables, Simon Josefsson, 2006/01/09