Re: [Tails-dev] Discuss rng-tools, randomsound? was: Support…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] Discuss rng-tools, randomsound? was: Support EntropyKey?
Hi,

adrelanos wrote (13 Dec 2012 18:11:58 GMT) :
> Since haveged is already installed in Tails, rng-tools and
> randomsound are up for discussion - if you are interested.


I may not entirely agree with this course of action (see bellow),
but thank you for making it so we don't forget this discussion!

> If they prove as "install, improve security and forget" solutions,
> implementation would be as simple as adding the package.


FYI randomsound does not belong to this category,
that's why we removed it from Tails.

> Even if you finally decide against it, I'd appreciate an information
> gathering and informed decision. I am willing to contribute results form
> research, communication with people and test results.


> Because these are two different packages, I am for two different mailing
> list threads, are you okay with that? Should I create two todo/research
> items?


rngd (shipped by rng-tools) already has its todo/research ticket
(todo/rngd); so, no need to create this one.

I think we already know what value rngd could bring: support for TRNG
hardware. So, I think the best practical course of action for Tails
would be to start by checking how rngd and haveged can run together
(as H. Peter Anvin suggests to do). If this turns out to work well,
I guess $SOMEONE will probably want to implement this in Tails.

For any value of $OTHER_RANDOM_SOLUTION: I'd be very happy to read the
results of such research, I think I'd even be happy to see tails-dev
Cc'd for most of the discussion, but I'd rather not see stuff added to
our TODO list before I understand what Tails problem we're trying to
solve, and agree something should be done (which is absolutely not
clear to me as of today).

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc