Autore: adrelanos Data: To: tails-dev Oggetto: Re: [Tails-dev] Discuss rng-tools,
randomsound? was: Support EntropyKey?
intrigeri: > Hi,
>
> adrelanos wrote (13 Dec 2012 18:11:58 GMT) :
>> Since haveged is already installed in Tails, rng-tools and
>> randomsound are up for discussion - if you are interested.
>
> I may not entirely agree with this course of action (see bellow),
> but thank you for making it so we don't forget this discussion!
Well, I still haven't understood situations where create tickets and
when not. I thought you do it in order not to forget discussions.
Nevermind.
>> If they prove as "install, improve security and forget"
>> solutions, implementation would be as simple as adding the
>> package.
>
> FYI randomsound does not belong to this category, that's why we
> removed it from Tails.
I searched "host:mailman.boum.org/pipermail/tails-dev/ randomsound" and
"host:tails.boum.org randomsound". There is very little informations
available. Can you please elaborate on that?
>> Even if you finally decide against it, I'd appreciate an
>> information gathering and informed decision. I am willing to
>> contribute results form research, communication with people and
>> test results.
>
>> Because these are two different packages, I am for two different
>> mailing list threads, are you okay with that? Should I create
>> two todo/research items?
>
> rngd (shipped by rng-tools) already has its todo/research ticket
> (todo/rngd); so, no need to create this one.
Ok.
> I think we already know what value rngd could bring: support for
> TRNG hardware. So, I think the best practical course of action for
> Tails would be to start by checking how rngd and haveged can run
> together (as H. Peter Anvin suggests to do).
> If this turns out to work well, I guess $SOMEONE will probably want
> to implement this in Tails.
Implementation is as easy as adding the Debian package?
> For any value of $OTHER_RANDOM_SOLUTION: I'd be very happy to read
> the results of such research, I think I'd even be happy to see
> tails-dev Cc'd for most of the discussion, but I'd rather not see
> stuff added to our TODO list before I understand what Tails
> problem we're trying to solve, and agree something should be done
> (which is absolutely not clear to me as of today).