[openssl-project] Entropy seeding the DRBG
Kurt Roeckx
kurt at roeckx.be
Mon Apr 9 17:12:41 UTC 2018
On Sat, Apr 07, 2018 at 07:00:21PM +0200, Richard Levitte wrote:
> kurt> I wonder if it's useful to have a thread of VMS that collects
> kurt> such bits all the time, like the kernel is doing.
>
> I was pondering something like that, and it does make sense. That, or
> creating a generic device driver (RND0:) that works a bit like the
> random driver on Linux, or perhaps the one from OpenBSD...
So one problem with OpenSSL doing this is that it's probably going
to take a while (in the order of seconds to minutes) before it's
ready, and I think you want to avoid that each time an application
using openssl starts. So a system service would be much better.
Kurt
More information about the openssl-project
mailing list