In message <CABUciR=m+b45ddzyv2j8z9+ltvuy4rwh+kp3e8njyahdpy-...@mail.gmail.com> , Alexander Gurvitz writes: > Hello all. > > What random device used for ? > ARM says "Entropy is primarily needed for DNSSEC=A0operations, > such as ... dynamic update of signed zones". I don't get why signing a zone > requires any randomness.
It doesn't for RSA. However DSA does require randomness. > This bothers me as I'm implementing DNSSEC now, and I know that my systems > are low at entropy, and BIND default random-device is /dev/random, > and it (the device) blocks when there's no entropy available. > > Does BIND really needs that entropy, and how much ? Yes, if you are using DSA. > Regards, > Alexander Gurvitz, > net-me.net > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscri= > be from this list > > bind-users mailing list > [email protected] > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
