Re: Is #285371 really an exim problem, or is it gnutls failing?



On Sun, Dec 19, 2004 at 04:52:24PM +0100, Marc Haber wrote:
> Wouldn't it probably be a better idea to have gnutls read entropy from
> /dev/urandom instead? I don't think it is a good idea to have
> functions blocking for extended periods of time.

> May I ask for your opinion?

The security of the session is limited by the randomness of the
weakest key used. If you're going to use /dev/urandom then you might
as well just not encrypt the session at all. It wouldn't be massively
less secure, and it would be quite a lot faster.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |
