Re: [opensuse-factory] Enabling haveged by default?

El 07/05/11 11:21, Jeff Mahoney escribió:

That sounds more like a problem with rngd if the it dies when the interface goes down.

Not actually my point.

I'm convinced that the task of managing entropy generated by crypto devices supported by the kernel is kernel's business,exposing a /dev/hwrng device an let to user to manage it is not a solution.

VIA hardware comes with an rng, yet the user has to know about it. AFAIK future intel processors will as well.

And let's not mention the hw crypto accelerators, like AES-NI which are supported by both the kernel and openssl but pretty much nothing uses it due to this mentality of "is up to the callee/user" that plagues us.

:-|