Re: Uses too much entropy (Debian Bug #343085)

[Andreas Metzler]

On 2008-01-04 Simon Josefsson <address@hidden> wrote:
> Andreas Metzler <address@hidden> writes:
[...]
>> testing with a exim linked against OpenSSL I get *slightly* less
>> entropy usage (235 vs 289 bits in the first testrun) when connecting
>> with swaks (perl/OpenSSL).

> For my curiosity, what are those numbers if you run gnutls with a
> NORMAL:%COMPAT priority?

Sorry, I have no go these numbers a hand, since exim is not using
gnutls_priority_init() yet.

> Cipher padding needs one byte of randomness
> for every encrypted packet, disabling padding may thus reduce the
> randomness needed further.  This assumes you actually sent some data
> back and forward, I don't whether you did.
[...]

I just sent QUIT over the encrypted channel.

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'