Jeff,
While this looks good I do not agree with the removal of the FIPS
tests. The Intel docs even say:
"Note: There is a chance that even if no RNG device is present, the
physical memory locations described above may coincidentally match the
values expected for an RNG device. For this reason, before random
data is sent to an application, the device should be excercised to
verify that it is indeed an RNG. This can be accomplished by enabling
the device and running an initial test (eg. FIPS 140-1) before use."
Even if you trust Intel and you think there is no way bad data could
come out of the device there is still a chance that mistakes were made,
and taking data without doing any checks doesn't help anyone.
-Matt
-- ############################################################ Matt Sottek sottek@quiknet.com Intel Applications Engineer My opinions are my own and do not represent Intel. Intel's opinions are its own and do not represent me. ############################################################- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:13 EST