Re: [dsfjdssdfsd] what not to do...

Theodore Ts'o <> Wed, 02 April 2014 17:34 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 560051A032D for <>; Wed, 2 Apr 2014 10:34:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.801
X-Spam-Status: No, score=-1.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ORCzawV8RyyT for <>; Wed, 2 Apr 2014 10:34:54 -0700 (PDT)
Received: from ( [IPv6:2600:3c02::f03c:91ff:fe96:be03]) by (Postfix) with ESMTP id 4BB0B1A0242 for <>; Wed, 2 Apr 2014 10:34:54 -0700 (PDT)
Received: from root ( by with local-esmtp (Exim 4.80) (envelope-from <>) id 1WVP3V-00027V-7m; Wed, 02 Apr 2014 17:34:29 +0000
Received: by (Postfix, from userid 15806) id 7771F5803BC; Wed, 2 Apr 2014 13:34:26 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail; t=1396460066; bh=Dx/KuRfoH8CpDCKbHdseJIcOCDVnQbIt1jUn0EcM/KM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=0w65It2OYHksnlmoyrgSO9N48LOt5mn+NeQyvcKTLy8nQq4+Yq1u6DI2xGZJO4rFp f6bSs6S9ElY85Mdwu6BjUirThjl+b9mTpNUUlWo2Ut1CP7d5Z0ak1JTH5xVJY7Rubl 4ykP8lCgbTli0j/J7f9R1IcyC0Sz6d6LtIjUfEkU=
Date: Wed, 2 Apr 2014 13:34:26 -0400
From: Theodore Ts'o <>
To: Paul Hoffman <>
Message-ID: <>
References: <> <> <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Scanned: No (on; SAEximRunCond expanded to false
Cc: "" <>
Subject: Re: [dsfjdssdfsd] what not to do...
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 02 Apr 2014 17:34:58 -0000

On Wed, Apr 02, 2014 at 10:02:24AM -0700, Paul Hoffman wrote:
> Personally, I have a strong hesitation of a BCP using phrases like
> "a few bits of entropy" if we can't measure them and if we don't
> even know if they exist.

One of the problems is that there is a lot of nuance which is
required.  For example, if you can't change the hardware, on a mobile
device, one of the few sources of unpredictability might be the radio
strength --- if you grab this in early boot and if you know that the
values aren't being fed via centralized logging scheme.  It's not
really _entropy_ per se, but if you are assuming that someone sitting
in Fort Meade won't know whether your cell phone is in your knapsack
under the steel desk, or on top of the desk, it probably does add a
certain amount of protection.

Ditto grabbing touch screen information; sure, if someone has a camera
surveilling you, it might not have much unpredictabiliy, but it's
still probably a good thing to mix into your entropy pool.

And if we try to tell people that if you can't do anything at all
which is True Entropy (tm), you might as well go home, then people
might just do that.

					- Ted