Re: [openpgp] Default preferences for the future

"Mark D. Baushke" <mdb@juniper.net> Tue, 21 March 2017 18:03 UTC

Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.18 as permitted sender)
To: "Robert J. Hansen" <rjh@sixdemonbag.org>
CC: openpgp@ietf.org, 'Ryru' <ryru@addere.ch>
In-Reply-To: <00c101d2a269$056003d0$10200b70$@sixdemonbag.org>
References: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch> <52027.1490051694@eng-mail01.juniper.net> <87pohbm5or.fsf@wheatstone.g10code.de> <78804.1490102455@eng-mail01.juniper.net> <00a901d2a24b$3f1d7df0$bd5879d0$@sixdemonbag.org> <11503.1490111087@eng-mail01.juniper.net> <00c101d2a269$056003d0$10200b70$@sixdemonbag.org>
Comments: In-reply-to: "Robert J. Hansen" <rjh@sixdemonbag.org> message dated "Tue, 21 Mar 2017 13:31:47 -0400."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Tue, 21 Mar 2017 11:02:57 -0700
Message-ID: <28290.1490119377@eng-mail01.juniper.net>
Sender: mdb@juniper.net
MIME-Version: 1.0
Content-Type: text/plain
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Mar 2017 18:03:01.7576 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.18]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR0501MB1757
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/37ev3eo_mMFUSjOhvWs6H-CGMHk>
Subject: Re: [openpgp] Default preferences for the future
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 18:03:06 -0000

Robert J. Hansen <rjh@sixdemonbag.org> writes:

> > To get the most out of AES256, one needs enough entropy to properly seed
> > a PRNG to get 256 bits out of it... [good explanation snipped]
> 
> Built-in hardware random number generators are increasingly commonplace
> nowadays.  See, e.g., Ivy Bridge and later architectures.

Tell the Linux kernel folks to trust RDSEED or RDRAND instructions...
:-) Right a GNU/Linux user should use rng-tools to inject entropy into
the kernel by grabbing bits out of the RDRAND or RDSEED instructions.

	-- Mark

[openpgp] Default preferences for the future Ryru
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future HANSEN, TONY L
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch