Enigmail speed geeking
Robert J. Hansen
rjh at sixdemonbag.org
Fri Mar 13 22:33:05 CET 2015
> Make that: I trust the RNG of GnuPG. There's more to it than what is
> provided by the Linux kernel.
Be careful. When was the last time you checked the GnuPG code? And
when was the last time you checked the options your distro maintainer
used to build your GnuPG? :)
GnuPG doesn't have one RNG. It has *many* RNGs. Some of them are
really just thin wrappers over lower-level OS facilities. And if you
don't trust /dev/urandom, I'd suggest using a different operating
system, because that's a game-over compromise. It's like not trusting
CryptGenRand on Win32.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150313/d9f82679/attachment.sig>
More information about the Gnupg-users
mailing list