Στις Τετ, 14 Νοε 2018 στις 8:33 μ.μ., ο/η Andrej Shadura <andrew.shadura@xxxxxxxxxxxxxxx> έγραψε: > > On 12/11/2018 03:17, Jiri Kosina wrote: > > On Thu, 1 Nov 2018, Andrej Shadura wrote: > > > >> Hi everyone, > >> > >> I’ve got a comment from Nick Kossifidis that I probably shouldn’t set > >> RNG’s quality to 1024. Adding linux-crypto@ to the loop. > > > > So, what was this about? Is there any resolution to it? :) > > So far, not really. I talked to Keith Packard regarding a similar > setting in his ChaosKey driver, and I understand his opinion is that it > is appropriate there since he’s convinced about the quality of the > hardware he designed. I’m not sure what exactly I should set it to here. > The issue is not how good the ChaosKey is but how sure he is that what gets plugged in is indeed a ChaosKey and not something else that e.g. outputs only 0s. I suggest that all removable hwrngs are zero-credit by default, those that will use them will most probably be ok with changing a setting, verifying in a sense that they are aware of what's plugged in. -- GPG ID: 0xEE878588 As you read this post global entropy rises. Have Fun ;-) Nick
