Joey Hess <[EMAIL PROTECTED]> writes: > Russ Allbery wrote: >> Do we have a feel for how astronomically unlucky you have to get? If >> it's really astronomical, it's probably not worth worrying about. (My >> general rule of thumb on that sort of thing is that if the chances of a >> collision are lower than the chances of hardware failure during the >> course of the operation, it's probably not worth taking any special >> safeguards.)
> By that line of thinking, ssh-keygen shouldn't bother checking its > system calls either. Probability of system call failure is roughly > equaly to the probability of hardware failure. You're comparing a false positive to a false negative, and I think that changes the situation considerably. What I said above was only intended to apply to cases where something will fail when it's not actually a problem, as opposed to cases where a failure will go silently undetected and possibly result in data corruption. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
