Re: [dsfjdssdfsd] what not to do...
Donald Eastlake <d3e3e3@gmail.com> Wed, 02 April 2014 18:19 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79DF91A03AD for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 2 Apr 2014 11:19:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GFUig59RxXh3 for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 2 Apr 2014 11:19:07 -0700 (PDT)
Received: from mail-oa0-x234.google.com (mail-oa0-x234.google.com [IPv6:2607:f8b0:4003:c02::234]) by ietfa.amsl.com (Postfix) with ESMTP id 7B4881A0388 for <dsfjdssdfsd@ietf.org>; Wed, 2 Apr 2014 11:19:04 -0700 (PDT)
Received: by mail-oa0-f52.google.com with SMTP id l6so702869oag.25 for <dsfjdssdfsd@ietf.org>; Wed, 02 Apr 2014 11:19:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=vy4vSNR14gY6Lo4PYNCG3kpvyhfuazLa9jtmgepGwlg=; b=dLrxYEpR2vBEocqzVT6Ivvnphsd7iky95TLXUOzjVavyKJvhNjmXtukqUflI/9lvBC 6dOBNmTxDCjDi9Aiu7QgA9cQHSrFqp25+xfyYstbkuIYH4tFRlGF7fybwEZphVpXp/HX Ukq1GyKoCqNLS7wQ1FCZaSTdzuO4UTwQNQ9vcQ4SJX51JfDixavzLjQwSVE1YgigvECx LbR56bIrlebpqv/RW84flgtTKnhoFwOs45a2X+JvYEwbhPGxWTVarUbGNE5psJ2dyymw ZzJZGwDLUjjXvrG5QKWqgfmOpN6ys5xTMjfeCfR49jXjQjGSiGdjgc5LoMIPt49B3U5l eYpg==
X-Received: by 10.60.132.12 with SMTP id oq12mr1371638oeb.42.1396462740342; Wed, 02 Apr 2014 11:19:00 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.76.25.41 with HTTP; Wed, 2 Apr 2014 11:18:40 -0700 (PDT)
In-Reply-To: <CACsn0c=x3K3NDHve3sKvaFuk_08Xp+wepPN=nkj00bLKNyOK0A@mail.gmail.com>
References: <533AF317.5070901@cs.tcd.ie> <CACXcFm=ts6JWuW+pQtaqZ720QDxnEa22UZW2NiBYMgCCV7MPuw@mail.gmail.com> <CAF4+nEF8N5C7zmGh5TBnp29zP1Fi2PMzoU4x4EEH8hY82PnS0w@mail.gmail.com> <CACsn0c=x3K3NDHve3sKvaFuk_08Xp+wepPN=nkj00bLKNyOK0A@mail.gmail.com>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Wed, 02 Apr 2014 14:18:40 -0400
Message-ID: <CAF4+nEGgyThpjidy3E4drtJC4Y0c2R3uxEDuq7p8Mjcj2GKX1Q@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
Archived-At: http://mailarchive.ietf.org/arch/msg/dsfjdssdfsd/Vbg94cvsJtFxcANnSzwv7UXK1C4
Cc: "dsfjdssdfsd@ietf.org" <dsfjdssdfsd@ietf.org>, Sandy Harris <sandyinchina@gmail.com>
Subject: Re: [dsfjdssdfsd] what not to do...
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd/>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Apr 2014 18:19:11 -0000
On Wed, Apr 2, 2014 at 11:18 AM, Watson Ladd <watsonbladd@gmail.com> wrote: > On Wed, Apr 2, 2014 at 7:57 AM, Donald Eastlake <d3e3e3@gmail.com> wrote: >> Hi, >> >> Yes, the "bad ideas" section of RFC 4086bis >> (draft-eastlake-randomness3-00) seems like a good place to collect >> additional things not to do. >> > > No. Do not enumerate badness. Instead model correct behavior. You will No, yourself. We had this same discussion before RFC 1750 and before RFC 4086. I would agree that it should emphasize the right thing to do more than it emphasizes the wrong thing to do. And I'd be fine with relegating what not to do to an appendix or something. But I'm not willing to dump the information from the draft about what not to do. > not be able to list all the ways someone can make a mistake, but you > can explain a way to do things right. The current draft is also > missing a discussion of the impact of fork and threading on random > number generators, which can turn a perfectly working one into > something utterly broken. Yes, there are things missing that should be added. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com > Sincerely, > Watson Ladd > >> I am planning to update that draft soon... >> >> Thanks, >> Donald >> ============================= >> Donald E. Eastlake 3rd +1-508-333-2270 (cell) >> 155 Beaver Street, Milford, MA 01757 USA >> d3e3e3@gmail.com >> >> >> On Wed, Apr 2, 2014 at 10:24 AM, Sandy Harris <sandyinchina@gmail.com> wrote: >>> On Tue, Apr 1, 2014 at 1:10 PM, Stephen Farrell >>> <stephen.farrell@cs.tcd.ie> wrote: >>> >>>> It seems like there's a lot of knowledge on that spread >>>> about and if there was someone was willing and able maybe >>>> an informational RFC about mistakes that have been made >>>> and how implementers can avoid 'em might be useful. >>> >>> I think the old RFC 1750 and current 4086 pretty much cover that. >>> https://tools.ietf.org/html/rfc4086 >>> >>> There has been mailing list discussion of an update to 4086, but >>> I do not know how that is progressing. >>> >>>> Or maybe there's a survey paper out there somewhere >>>> or thesis that already has a load of that material? >>> >>> At least two reference pages have been mentioned on >>> various lists. I have looked at two and found both quite >>> good. Unfortunately, I only recall one URL: >>> http://www.av8n.com/computer/htm/secure-random.htm >>> >>> _______________________________________________ >>> dsfjdssdfsd mailing list >>> dsfjdssdfsd@ietf.org >>> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd >> >> _______________________________________________ >> dsfjdssdfsd mailing list >> dsfjdssdfsd@ietf.org >> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd > > > > -- > "Those who would give up Essential Liberty to purchase a little > Temporary Safety deserve neither Liberty nor Safety." > -- Benjamin Franklin
- [dsfjdssdfsd] what not to do... Stephen Farrell
- [dsfjdssdfsd] what not to do... =JeffH
- Re: [dsfjdssdfsd] what not to do... Sandy Harris
- Re: [dsfjdssdfsd] what not to do... Donald Eastlake
- Re: [dsfjdssdfsd] what not to do... Watson Ladd
- Re: [dsfjdssdfsd] what not to do... Alexandre Anzala-Yamajako
- Re: [dsfjdssdfsd] what not to do... travis+ml-dsfjdssdfsd
- Re: [dsfjdssdfsd] what not to do... travis+ml-dsfjdssdfsd
- Re: [dsfjdssdfsd] what not to do... Theodore Ts'o
- Re: [dsfjdssdfsd] what not to do... Paul Hoffman
- Re: [dsfjdssdfsd] what not to do... Theodore Ts'o
- Re: [dsfjdssdfsd] what not to do... Paul Hoffman
- Re: [dsfjdssdfsd] what not to do... travis+ml-dsfjdssdfsd
- Re: [dsfjdssdfsd] what not to do... Donald Eastlake
- Re: [dsfjdssdfsd] what not to do... travis+ml-dsfjdssdfsd
- Re: [dsfjdssdfsd] what not to do... Dan Harkins
- Re: [dsfjdssdfsd] what not to do... Alexandre Carmel-Veilleux
- Re: [dsfjdssdfsd] what not to do... Theodore Ts'o
- [dsfjdssdfsd] what not to do... Sandy Harris