On Fri, Jun 07, 2019 at 07:01:30PM +0000, Salz, Rich wrote:
> > The kernel actually already does this in recent versions, if
> > configured to do it.
>
> "The" kernel. Which one is that? Which operating system?
>
> Modern Linux is fine. Is that all we care about?

This whole discussion has only been about Linux, we only define DEVRANDOM_WAIT on Linux. I think all other OSs have a sane /dev/urandom, but I'm not sure about NetBSD.

> 1.1.1c made Solaris (and possibly others) more secure. I would be
> disappointed if 1.1.1d took that away and tried to rationalize that "it's not
> my job." *YOU'RE A CRYPTOGRAPHIC LIBRARY*

Do you have a reference that Solaris allows reading from /dev/urandom before it's been initialized?

Kurt