Source-Changes-HG archive
[src/trunk]: src/share/man/man4 New sentence, new line. Use \(em.
details: https://anonhg.NetBSD.org/src/rev/325665557df9
branches: trunk
changeset: 965173:325665557df9
user: wiz <wiz%NetBSD.org@localhost>
date: Wed Sep 04 05:37:06 2019 +0000
description:
New sentence, new line. Use \(em.
diffstat:
share/man/man4/rnd.4 | 13 +++++++------
1 files changed, 7 insertions(+), 6 deletions(-)
diffs (48 lines):
diff -r 40fb3d0eb3b3 -r 325665557df9 share/man/man4/rnd.4
--- a/share/man/man4/rnd.4 Wed Sep 04 05:10:38 2019 +0000
+++ b/share/man/man4/rnd.4 Wed Sep 04 05:37:06 2019 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: rnd.4,v 1.27 2019/09/04 04:03:25 riastradh Exp $
+.\" $NetBSD: rnd.4,v 1.28 2019/09/04 05:37:06 wiz Exp $
.\"
.\" Copyright (c) 2014 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -187,8 +187,8 @@
Systems with nonvolatile storage should store a secret from
.Pa /dev/urandom
on disk during installation or shutdown, and feed it back during boot,
-so that the work the operating system has done to gather entropy --
-including the work its operator may have done to flip a coin! -- can be
+so that the work the operating system has done to gather entropy \(em
+including the work its operator may have done to flip a coin! \(em can be
saved from one boot to the next, and so that newly installed systems
are not vulnerable to generating cryptographic keys predictably.
.Pp
@@ -205,7 +205,7 @@
which is enabled by default; see
.Xr rc.conf 5 .
.Sh LIMITATIONS
-Some people worry about recovery from state compromise -- that is,
+Some people worry about recovery from state compromise \(em that is,
ensuring that even if an attacker sees the entire state of the
operating system, then the attacker will be unable to predict any new
future outputs as long as the operating system gathers fresh entropy
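Review bot: in the context lines following the changed `\(em that is,` line, the sentence reads "even if an attacker sees the entire state of the operating system, then the attacker will be unable to predict", and the "then" is redundant after "even if". Since this commit is a wording-and-markup cleanup of the same sentence, consider dropping it so the definition of recovery from state compromise reads cleanly.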
@@ -562,7 +562,7 @@
subsystem were concerned with
.Sq information-theoretic
security, under the premise that the number of bits of entropy out must
-not exceed the number of bits of entropy in -- never mind that its
+not exceed the number of bits of entropy in \(em never mind that its
.Sq entropy estimation
is essentially meaningless without a model for the physical processes
the system is observing.
@@ -571,7 +571,8 @@
PGP, etc., expands short secrets deterministically into long streams of
bits, and their security relies on conjectures that a computationally
bounded attacker cannot distinguish the long streams from uniform
-random. If we couldn't do that for
+random.
+If we couldn't do that for
.Fa /dev/random ,
it would be hopeless to assume we could for HTTPS, SSH, PGP, etc.
.Pp
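Review bot: the context line `.Fa /dev/random ,` in this hunk marks a device path with the function-argument macro, while the earlier hunk in this same file uses `.Pa /dev/urandom` for the sibling device. Since the paragraph is being touched for markup anyway, consider changing it to `.Pa /dev/random ,` so both device paths are marked up and rendered consistently.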