TLS failed, service in BUSY state, terminated abnormally

Bron Gondwana brong at
Mon Sep 6 17:46:22 EDT 2010

On Mon, Sep 06, 2010 at 11:42:38AM +0200, "Clément Hermann (nodens)" wrote:
> Le 06/09/2010 11:26, Ethariel a écrit :
> > Hello,
> >
> > auto-answering.
> > During the upgrade process the /dev/* permission were broken. It
> > includes /dev/urandom which I think (can someone confirm) is used by SSL.
> Actually SSL is supposed to use /dev/random which provide better 
> randomness (because of better entropy gathered via keyboards and disks, 
> or better yet, hardware RNG), less likely to be predictable than 
> /dev/urandom.

That's a nice theory.  Have you seen how many people have posted to this
list about imap freezing and poor throughput that have been caused by
using /dev/random and it blocking?

On the flip side, can you provide a single example of a successful attack
against IMAP connections secured by /dev/urandom?

Denial of service is a credible threat too, and unless you actually have
a hardware randomness generator, the threats of using /dev/random are
generally worse than the threats of using /dev/urandom.

Bron ( who doesn't like black and white advice from ivory towers! )

More information about the Info-cyrus mailing list