VOTE Apply PR#9084 reverting DEVRANDOM_WAIT

Kurt Roeckx kurt at roeckx.be
Sat Jun 8 10:18:56 UTC 2019


On Fri, Jun 07, 2019 at 07:38:31PM -0400, Viktor Dukhovni wrote:
> > On Jun 7, 2019, at 7:24 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
> > 
> > That's all very nice, but nobody is going to run that.
> 
> They also don't have to upgrade their kernel, or deploy new
> versions of OpenSSL.  If platform release engineers don't
> deploy core services that ensure reliably CSPRNG seeding,
> then their platform is less secure at boot.  This is their
> choice.  Users can vote with their feet for more secure
> O/S distributions.

That all sounds very nice, but when a typical users buys a device
they have no idea what OS is going to be on it, or that it's secure
or not. They don't actually get to vote with their money.

> Secure CSPRNG seeding is a platform responsibility, OpenSSL
> then runs secure PRNGs seeded from the platform.  There's
> only so much we can reasonably do.  The rest has to happen
> outside of OpenSSL, as a pre-requisite.

And the people that make those platforms have no clue and
no time to care about that. It works, ship it. If we don't
make clear it's broken, it's not going to get fixed.


Kurt



More information about the openssl-project mailing list