Hi Paul, On Wed, April 2, 2014 11:06 am, Paul Hoffman wrote: > On Apr 2, 2014, at 10:34 AM, Theodore Ts'o <[email protected]> wrote: > [snip] >> And if we try to tell people that if you can't do anything at all >> which is True Entropy (tm), you might as well go home, then people >> might just do that. > > That leads into the question of who the target audience for such a > document should be. The committers for Linux and *BSD /dev/random don't > need us to create a BCP for them; the writers of a new OS or distro might > need it. An application writer should either (a) only be pulling from > their OS or (b) be as smart about random sources as the OS dev so they can > create their own pool. The eventual document needs to be very clear which > person should be reading which part. The current document is completely > unclear on this, and an application developer might think they need to > understand things that we would be horrified if they tried to implement.
The idea that linux and BSD developers know what they're doing and application writers should just use their OS is an appeal to authority that I think is increasingly falling on deaf ears these days. If you listened to the experts at Intel you'd have just used their RNG because they know what they're doing. But it turns out a hardware trojan can reduce the entropy from their RNG to whatever the attacker wants it to be. Oops. Which is not to say that I think the people writing the RNGs for linux and BSD do not know what they're doing, or that I know better (I certainly do not). Donald is updating an existing RFC and I think the target audience for his update is the same as that of the existing RFC. My hope is that another draft will be written that specifies a strong RNG and the target audience for that would be people writing security code, especially for embedded OSs that have a more blurred line between kernel and application. regards, Dan. _______________________________________________ dsfjdssdfsd mailing list [email protected] https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
