CAcert System Admins discussion list

[Pat Wilson <paw AT pawilson.net>]

On May 29, 2008, at 11:30 AM, Ian G wrote:

> With the OpenSSL/debian debacle fresh in our minds, it seems
> that this would be a good time to think about CAcert's need
> for good random numbers.
>
> It has frequently been pointed out that random numbers are
> devilishly difficult to deal with, something made apparent
> with the recent events.  To deal with them requires some
> sort of process and/or check and/or alternate sources, it
> would seem.
>
> As Pat is writing the Security Manual, it would seem that
> this is the place for such a thing;  does anyone have a view
> on a simple procedure for creating a sequence of RNs that is
> useful for the tasks?
>
> I'm expecting to see something that overcomes simple things
> like "OpenSSL delivers all zeros and we didn't notice..."
>
> I'd guess there are two parts:  root keys (high quality
> needed) and routine protocol work (OpenSSL/httpd, SSH, etc,
> so "regular" randoms needed, whatever that means).
>
> Any thoughts?  Pat, is there an easy place for this in the SM?
>
> http://wiki.cacert.org/wiki/SecurityManual

I'd think there's not much chance of OpenSSL having a problem
(yes, the Debian distro did, buy only because someone commented
out useful code), and would sort of expect it to be encompassed by
our use of "best available technology".  If you wanted to put something
in explicitly, though, the scope of section 2.3 "Application  
Security" could
be broadened to include a statement about "best available", "thorough
code review", or something of that nature.

--paw

Attachment: smime.p7s
Description: S/MIME cryptographic signature