"Steven M. Bellovin" wrote:

> The point of yarrow is to do that reseeding in a cryptographically 
> sound way.  (I'd frankly rather it ran in user space, of course.)

Since most or all of the entropy gathering is going to be by kernel
drivers I'd guess that a user-space implementation could get tricky.

I'm browsing the Yarrow paper (yarrow-full) - both the postscript and
PDF versions have two figures that are totally blank :-(

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/