Hi! > This is why ultimately, we do need to attack this problem from both > ends, which means teaching userspace programs to only request > cryptographic-grade randomness when it is really needed --- and most > of the time, if the user has not logged in yet, you probably don't > need cryptographic-grade randomness....
IOW moving them from /dev/random to /dev/urandom?
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
signature.asc
Description: Digital signature
