On Pá 25-03-05 17:13:11, Herbert Xu wrote: > On Fri, Mar 25, 2005 at 09:16:01AM +0300, Evgeniy Polyakov wrote: > > On Fri, 2005-03-25 at 00:58 -0500, Jeff Garzik wrote: > > > > > If its disabled by default, then you and 2-3 other people will use this > > > feature. Not enough justification for a kernel API at that point. > > > > It is only because there are only couple of HW crypto devices > > in the tree, with one crypto framework inclusion there will be > > at least redouble. > > You missed the point. This has nothing to do with the crypto API. > Jeff is saying that if this is disabled by default, then only a few > users will enable it and therefore use this API. > > Since we can't afford to enable it by default as hardware RNG may > fail which can lead to catastrophic consequences, there is no point > for this API at all.
What catastrophic consequences? Noone is likely to even *notice*, and it does not help practical attack at all. Unless hardware RNGs are *very* flakey (like, more flakey than harddrives), this is not a problem. I can assure you that failing hdd will have more catastrophic consequences. Pavel -- People were complaining that M$ turns users into beta-testers... ...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl! - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/