Joey Hess wrote:
> Josh Triplett wrote:
> > However, just as we encourage projects to reuse libraries rather than
> > copying code around, we *should* encourage projects to use standardized
> > randomness libraries rather than hardcoding rdrand (or, for that matter,
> > hardcoding /dev/urandom).
>
> Performance aside, why is a standardized randomness library (which does
> not currently exist) better than a standardized kernel interface?

At least two reasons: because a random number source that doesn't require kernel privileges should not need to take the performance hit of going through the kernel, and because many userspace applications will not want to follow the kernel's rejection of hardware random number generation.

Also, while no widely used library exists, at least one library does exist: libcryptorandom. Given the straightforward nature of the algorithm (if hardware random numbers available, use them, otherwise read from /dev/{,u}random as appropriate), I'd bet other such implementations exist.

To encourage code reuse and ease of systemwide changes, I think it makes sense to package such libraries and have userspace applications use them rather than hardcoding support for any particular hardware random number source.

- Josh Triplett
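
The algorithm named in the message above (hardware random numbers if available, otherwise the kernel device), as an added example that is not part of the original message and is not libcryptorandom's code. The names `random_fill`, `rdrand_word` and `urandom_fill` are hypothetical; it assumes x86 RDRAND as the hardware source and always falls back to /dev/urandom.

```c
/* Added example, not libcryptorandom: hardware RNG first, kernel fallback. */
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_X86 1
#endif
enum rand_source { SRC_FAILED, SRC_RDRAND, SRC_URANDOM };
/* One RDRAND word; 0 if the CPU lacks it or 10 tries all failed. */
static int rdrand_word(unsigned long *out) {
#ifdef HAVE_X86
    unsigned int a, b, c, d;
    unsigned char ok;
    if (!__get_cpuid(1, &a, &b, &c, &d) || !(c & (1u << 30)))
        return 0;                    /* CPUID.01H:ECX bit 30 = RDRAND */
    for (int tries = 0; tries < 10; tries++) {
        __asm__ volatile("rdrand %0; setc %1" : "=r"(*out), "=qm"(ok) : : "cc");
        if (ok) return 1;            /* carry flag set: word is valid */
    }
#endif
    (void)out; return 0;
}
/* Fill buf from /dev/urandom, retrying on EINTR and short reads. */
static int urandom_fill(unsigned char *buf, size_t len) {
    size_t got = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) got += (size_t)n;
        else if (n == 0 || errno != EINTR) break;   /* fail closed */
    }
    close(fd);
    return got == len ? 0 : -1;
}
/* Fill buf and report the source; a hardware failure part-way through
   makes the kernel overwrite the whole buffer, never a mix of the two. */
enum rand_source random_fill(unsigned char *buf, size_t len) {
    unsigned long w;
    size_t off = 0, n;
    for (; off < len && rdrand_word(&w); off += n) {
        n = len - off < sizeof w ? len - off : sizeof w;
        memcpy(buf + off, &w, n);
    }
    if (off == len) return SRC_RDRAND;
    return urandom_fill(buf, len) == 0 ? SRC_URANDOM : SRC_FAILED;
}
int main(void) { unsigned char k[32]; return random_fill(k, sizeof k) == SRC_FAILED; }
```

Returning the source lets a caller log or enforce policy on where its key material came from, which is the systemwide-change point the message makes about keeping this logic in one library.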