Lot of things the author mentions isn't valid for practical world. Apache (with TLS/SSL) with /dev/random is asking for trouble; meaning, client's requests will just block forever if not enough seed cannot be generated (same with TLS/SSL aware postfix).
A lot of software out there in use that require real-world RNG thus default to /dev/urandom. I am not sure whether its good or bad.
I know that on osx atleast, Yarrow kind of shields the fact that /dev/urandom and /dev/random produce non-blocking RNG.
1 comment
[ 3.1 ms ] story [ 16.7 ms ] threadI know that on osx atleast, Yarrow kind of shields the fact that /dev/urandom and /dev/random produce non-blocking RNG.