Harald Hanche-Olsen
Tue, 02 Sep 2003 12:20:18 -0700
+ Tim Dierks <[EMAIL PROTECTED]>: | Can anyone who believes that only having 160 bits of entropy | available is an interesting weakness tell me why?
That is an interesting discussion that I don't feel qualified to participate in (but look forward to following), but I think it's a good idea to keep that issue separate from the one raised by Peter: /dev/urandom is for those situations where guaranteed entropy is not seen as needed, whereas /dev/random, by design, is for the very most "paranoid". Apple should not have violated the specification of /dev/random in this way. The right thing for them to do, if they are unable or unwilling to provide a true /dev/random, is to not provide the device at all, and just settle for /dev/urandom. - Harald --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]