From 8a201c5cc41a50d03647b282469089f6ecb44051 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 3 Jul 2018 12:29:57 -0400 Subject: [PATCH] close --- .../do_not_block_on_crypto_key_generation.mdwn | 2 ++ ...nt_1_339ffe281eb75b70dd7ea8bc5ae55125._comment | 15 +++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 doc/todo/do_not_block_on_crypto_key_generation/comment_1_339ffe281eb75b70dd7ea8bc5ae55125._comment diff --git a/doc/todo/do_not_block_on_crypto_key_generation.mdwn b/doc/todo/do_not_block_on_crypto_key_generation.mdwn index 6001bff5c7..90e4e9e58a 100644 --- a/doc/todo/do_not_block_on_crypto_key_generation.mdwn +++ b/doc/todo/do_not_block_on_crypto_key_generation.mdwn @@ -18,3 +18,5 @@ I strangely could not find out *where* exactly gpg is called in that way. All i I was hoping this was something git-remote-gcrypt would be doing, but it's not: this is git-annex calling. Maybe some off-by-one conversion error somewhere? Thank you for your time... -- [[anarcat]] + +> [[closing|done]] --[[Joey]] diff --git a/doc/todo/do_not_block_on_crypto_key_generation/comment_1_339ffe281eb75b70dd7ea8bc5ae55125._comment b/doc/todo/do_not_block_on_crypto_key_generation/comment_1_339ffe281eb75b70dd7ea8bc5ae55125._comment new file mode 100644 index 0000000000..b92ea47447 --- /dev/null +++ b/doc/todo/do_not_block_on_crypto_key_generation/comment_1_339ffe281eb75b70dd7ea8bc5ae55125._comment @@ -0,0 +1,15 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-07-03T16:23:05Z" + content=""" +This is implemented in Utility.Gpg.genRandom. There is no off-by-one, +git-annex intentially makes the same default choices that gnupg does +about random quality. + +--fast makes it use /dev/urandom for people who lean on that side of the +entropy controversy. initremote's man page documents this. + +("Some people recommend" is often not a good basis for security defaults. +Some people recommend using RDRAND and trusting Intel...) +"""]]