[Pkg-gnutls-maint] not draining entrophy is a good thing

[Anand Kumria]

Hi,

I've also stumbled over this problem in the past few days.

The simplest fix, that should stop exim4 from blocking is to make
gnutls-bin a Depend rather than a Suggest. This would make the
re-generation of dh_params less likely to block the system from
continuing.

However that only alleviates the first problem. It would be useful if
the severity of bug#347210 was important.

As noted a by number of other people, a build of exim4 with openssl
does not suffer from entrophy exhaustion so quickly. It is isn't clear
to me why gnutls (via libgcrypt as I understand it) is depleting the
pool so rapidly.

Users can basically exhaust entrophy on my servers just by sending a
large (2MiB) email, which causes them pain because mail (delivery,
submission, etc.) is held up until enough activity has occurred to
generate further entrophy.

Thanks,
Anand