Re: inetd enhancements - config syntax

2021-01-15 Thread Robert Elz
Date: Fri, 15 Jan 2021 17:43:45 -0800 From: John Nemeth Message-ID: <202101160143.10g1hjbv018...@server.cornerstoneservice.ca> | The way to implement including | directories is to stat the item being included to see if it is a | directory, and if it is, then branc

Re: inetd enhancements - config syntax

2021-01-15 Thread John Nemeth
On Jan 14, 12:21, James Browning wrote: } } >I also don't like the only form of include being include-a-directory; } >in my estimation, that wires too much policy into the mechanism. I } >would prefer to see either two include directives, one for directories } >and one for files, or a single dire

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread John Nemeth
On Jan 15, 0:13, Taylor R Campbell wrote: } } > Date: Thu, 14 Jan 2021 10:15:41 + } > From: nia } } > The man page is very clearly written, aside from the parts that } > recommend tossing coins. } } Thanks! I know tossing coins sounds silly. But as a fallback if you } have no other option

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Taylor R Campbell
> Date: Fri, 15 Jan 2021 15:35:26 -0500 (EST) > From: Mouse > > >Such an application, like a Python program in the middle of just > >doing `import multiprocessing', [...] > > Seems to me the elephant in the room here is: why would Python "just > doing `import multiprocessing'" need crypt

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Mouse
>Such an application, like a Python program in the middle of just >doing `import multiprocessing', [...] Seems to me the elephant in the room here is: why would Python "just doing `import multiprocessing'" need cryptographic-strength randomness? What am I missing that makes this reasonable

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Taylor R Campbell
> Date: Fri, 15 Jan 2021 20:54:21 +0200 > From: Andreas Gustafsson > > Your proposal would mean that > such an application would generate predictable keys on NetBSD when no > entropy is available, even though it will not on Linux. To me, that's > complete

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Taylor R Campbell
> Date: Fri, 15 Jan 2021 20:41:25 +0100 > From: Reinoud Zandijk > > Well no, on install, open a tcp connection to a TNF hosted server... We've discussed this before. Before continuing on the topic, please review the prior discussion like I just asked: https://mail-index.netbsd.org/tech-crypto/

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Paul Goyette
On Fri, 15 Jan 2021, Reinoud Zandijk wrote: On Fri, Jan 15, 2021 at 03:10:20PM +0100, Martin Husemann wrote: On Fri, Jan 15, 2021 at 03:04:21PM +0100, Reinoud Zandijk wrote: Can we create a random stream for all such situations instead of a file? Say open a TCP/IP connection to some NetBSD ser

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Reinoud Zandijk
On Fri, Jan 15, 2021 at 03:10:20PM +0100, Martin Husemann wrote: > On Fri, Jan 15, 2021 at 03:04:21PM +0100, Reinoud Zandijk wrote: > > Can we create a random stream for all such situations instead of a file? Say > > open a TCP/IP connection to some NetBSD server that spits out a X number of > > ra

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Andreas Gustafsson
Taylor R Campbell wrote: > Folks, this thread was to discuss a specific proposal about the > getrandom and getentropy C API: > >With these in mind, I propose that we change getrandom(p,n,0) so that >it does not block I strongly object to this proposal. The first google hit for "getrandom"

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Taylor R Campbell
Folks, this thread was to discuss a specific proposal about the getrandom and getentropy C API: With these in mind, I propose that we change getrandom(p,n,0) so that it does not block -- under the premise that dealing with low entropy is a system integration problem, not a problem that it

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Mouse
>> Can we create a random stream for all such situations instead of a >> file? Say open a TCP/IP connection to some NetBSD server that spits >> out a X number of random bytes by its random generator and then >> closes the stream? > You want this to happen on the *local* network. Ideally, sure. B

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Martin Husemann
On Fri, Jan 15, 2021 at 03:04:21PM +0100, Reinoud Zandijk wrote: > Can we create a random stream for all such situations instead of a file? Say > open a TCP/IP connection to some NetBSD server that spits out a X number of > random bytes by its random generator and then closes the stream? You want

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Reinoud Zandijk
On Fri, Jan 15, 2021 at 11:07:12AM +0100, Martin Husemann wrote: > On Fri, Jan 15, 2021 at 09:25:41AM +0100, Manuel Bouyer wrote: > > > If a machine doesn't have any unpredictable inputs, well, there's no > > > magic we can do -- you can copy a seed over from another machine (on a > > > > Yes. I j

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread nia
On Fri, Jan 15, 2021 at 02:01:45PM +1030, Brett Lymn wrote: > If we have network of some sort can we leverage packet timing jitter somehow? We do. In current it gets fed into the pool, but no longer increases the entropy counter because it's deemed to be manipulable by hostile parties. NetBSD 9 an

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Martin Husemann
On Fri, Jan 15, 2021 at 12:12:05AM +, Taylor R Campbell wrote: > > On Mon, Jan 11, 2021 at 01:25:36AM +, Taylor R Campbell wrote: > > > We might also do something similar with the motd -- add a single line, > > > citing entropy(7) for more details, if there's not enough entropy. > > > > Pl

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Martin Husemann
On Fri, Jan 15, 2021 at 09:25:41AM +0100, Manuel Bouyer wrote: > > If a machine doesn't have any unpredictable inputs, well, there's no > > magic we can do -- you can copy a seed over from another machine (on a > > Yes. I just want to make sure this will remain an option. > For this to work the ma

Re: Waiting for Randot (or: nia and maya were right and I was wrong)

2021-01-15 Thread Manuel Bouyer
On Fri, Jan 15, 2021 at 12:21:24AM +, Taylor R Campbell wrote: > > Date: Thu, 14 Jan 2021 13:21:58 +0100 > > From: Manuel Bouyer > > > > On Thu, Jan 14, 2021 at 10:15:41AM +, nia wrote: > > > I still think my idea to record a second of noise from /dev/audio on > > > machines that totally