Bug#662736: Some concerns about adding maxwell to Debian

[Sandy Harris <sandyinchina@gmail.com>]

On Tue, Jul 24, 2012 at 2:38 AM, Henrique de Moraes Holschuh
<hmh@debian.org> wrote:

> On Mon, 23 Jul 2012, Sandy Harris wrote:
>> >> Initial entropy at very early boot, ....
>>
>> Where can I get info on those patches? I am on the linux-crypto list
>> and have not noticed them there.
>
> Look for Ted Tso's /dev/random work in LKML itself:
> http://lkml.kernel.org/r/1341511933-11169-1-git-send-email-tytso@mit.edu

Thanks.

>> >> For other entropy gathering needs, there are safer choices.  This should
>> >> be reflected on the package description.
>> >
>> > Agree, as I mentioned before, work on documentation is needed to ensure that
>> > we provide enough information for the system designer/administrator to make
>> > informed decision about how to use or not to use maxwell.
>>
>> I thought I'd dealt with that in the man page & PDF.
>
> The typical distro user can barely be bothered enough to read package
> descriptions...  So a single sentence summarizing what you wrote in the
> paper about when maxwell should (not) be used is really required.

Other methods -- a hardware RNG, turbid(1) or Havege(1) -- are generally
preferable to maxwell(8) if they can be used; the main applications of
maxwell(8) are on systems where those are impractical or as a second
generator as a failsafe measure.