30 Jul
2013
30 Jul
'13
7:40 p.m.
On Tue, Jul 30, 2013 at 10:28:46AM -0700, Jon Callas wrote:
This entropy broker strikes me as exactly the same sort of understanding.
I don't see how one couldn't prime the kernel entropy pool from a high-quality high-rate entropy source on a trusted local, physical network. As long as multiple machines are guaranteed not to share the same entropy bits I don't see an attack angle there.