[gnutls-dev] Re: living without global variables
Simon Josefsson
jas at extundo.com
Mon Jan 9 14:42:24 CET 2006
bryanh at giraffe-data.com (Bryan Henderson) writes:
> I don't really know much about encryption, but don't some OS kernels have
> device drivers that provide a computer-wide entropy pool?
Yes, if you build GnuTLS with crypto from gnulib, it will read
randomness from /dev/*random. There are at least two problems with
that approach:
1) /dev/*random doesn't provide good randomness on several platforms.
2) Reading a lot from /dev/*random might deplete the system randomness
pool.
/Simon
More information about the Gnutls-devel
mailing list