Le 11/11/2016 à 18:02, Nikos Mavrogiannopoulos a écrit :
> On Fri, 2016-11-11 at 13:08 +0100, Laurent Georget wrote:
>
>> +.I /dev/urandom
>> +T} T{
>> +Cryptographically-secure Random Number Generator (CRNG) output
>> +T} T{
>> +Does not block once the CRNG is ready
>> +T} T{
>> +Returns output from uninitialized CRNG (possibly low entropy and not
>> suitable for cryptography)
>
> I'd make that specific, and mention early boot explicitly, otherwise it
> implies that this always returns from an uninitialized CRNG. This is a
> limitation that applies only for applications started on early boot;
> for the majority of applications this is not applicable.
The title of the last column is "Behavior in early boot time". We can
rephrase the content as "Even if the CRNG is not ready yet, returns
output from it anyway (possibly low entropy and not suitable for
cryptography)". Does that sound better?
I got the third column wrong by the way, please read "Never blocks".
Cheers,
Laurent
Attachment:
signature.asc
Description: OpenPGP digital signature
