John> The point is that there are a lot of customers out there who John> aren't ready to run out and acquire the well-designed hardware John> TRNG that you alluded to. So we need to think carefully about John> the gray area between the strong-but-really-expensive solution John> and the cheap-but-really-lame proposals. The gray area is big John> and important. Of course Intel is putting a TRNG onto its chip sets already, and these will probably be widely available in the future. This thing produces massive quantities of true entropy, more than even John could need, and it has been reviewed by one of the sharpest guys in the business, Paul Kocher (see review at www.cryptography.com). Maybe the real solution here is to work more closely with Intel to provide some kind of open source access to this RNG. An associate who attended one of Intel's corporate briefings on the chip indicated that the question of Linux came up, and Intel expressed a desire to find some solution for that market. They want people to use this chip, and Linux is an increasingly important part of the landscape for them.
