Uses too much entropy (Debian Bug #343085)
Simon Josefsson
simon at josefsson.org
Fri Jan 4 18:24:46 CET 2008
Andreas Metzler <ametzler at downhill.at.eu.org> writes:
> On 2008-01-04 Simon Josefsson <simon at josefsson.org> wrote:
> [...]
>> 2) To make exim link to and call libgcrypt's functions to read and
>> update a random seed file instead?
> [...]
>> For simplicity and non-experimentalness, I would recommend 2). I can
>> assist in implementing this in exim, if that would help. We'd
>> definitely need a good example of how to do this in the gnutls manual
>> anyway.
> [...]
>
> Well, the basic patch for testing seems to be this one, basically
> identical to the skeleton you described. I gets down entropy-usage
> for a single STARTTLS to <300 bits from > 3000.
Nice. How much does a similar server consume using openssl? Do openssl
used by exim use a seed file?
/Simon
More information about the Gcrypt-devel
mailing list