[Announce] Libgcrypt 1.8.4 released
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Oct 29 18:22:02 CET 2018
On Fri 2018-10-26 20:16:21 +0200, Werner Koch wrote:
> The GnuPG Project is pleased to announce the availability of Libgcrypt
> versions 1.8.4.
thanks for this release, Werner!
> * Performance:
>
> - On Linux always make use of getrandom if possible and then use
> its /dev/urandom behaviour. [#3894]
This characterization is unfortunate, since the getrandom() default
behavior is *not* the /dev/urandom behavior. In particular, the
getrandom() default behavior blocks until the kernel's internal pool has
been fully initialized, while /dev/urandom never blocks. This is one of
the main arguments for using getrandom() instead of /dev/urandom in the
first place.
I appreciate that the actual change landed in libgcrypt! This is a real
improvement for users of GNU/Linux systems. I just don't want people to
think that the change will cause them to possibly use an uninitialized
PRNG like /dev/urandom, because that is not the case with the change
that we made here.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20181029/4747a0f2/attachment.sig>
More information about the Gnupg-devel
mailing list