secring and dropbox

Aaron Toponce aaron.toponce at gmail.com
Wed Jul 20 18:55:35 CEST 2011


On Wed, Jul 20, 2011 at 06:48:30PM +0200, Jerome Baum wrote:
> > Ah, cool. However, as the gpg(1) manual states, --gen-random removes
> > precious entropy from your system.
>
> But that's really the point. If you want strong random data, that data
> should have high entropy. But that entropy needs to come from
> somewhere -- i.e., your system.

Yes, of course. I'm not arguing that it isn't, but rather the documentation
could be more complete, such as restoring that entropy after exhaustion.

> What I'd find more interesting is why you (Werner) chose quality level
> 1. What do these levels do? Is 2 full entropy, and 0 just urandom?

I'm curious about this as well, which shows that the documentation for this
switch is lacking somewhat. It would be beneficial for everyone who uses
gpg(1) to see some additional help here.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: Digital signature
URL: </pipermail/attachments/20110720/8b302394/attachment.pgp>


More information about the Gnupg-users mailing list