Mark Andrews <ma...@isc.org> wrote: > > DSA requires random values as part of the signing process.
Traditionally, yes, but it isn't actually required - https://tools.ietf.org/html/rfc6979 (PuTTY has been using deterministic DSA since 2001, because of problems with obtaining random numbers on old versions of Windows. https://git.tartarus.org/?p=simon/putty.git;a=commit;h=d345ebc2a5) You should always use /dev/urandom to get random numbers unless your system has a better API like getrandom(2) or getentropy(2). On Linux, gaveged is a good way to stop /dev/random blocking unenlightened software. https://www.2uo.de/myths-about-urandom/ https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Rockall, Malin, Hebrides: Westerly or southwesterly, veering northwesterly later in north Rockall and Hebrides, 4 or 5, increasing 6 at times. Moderate or rough, becoming very rough in north Hebrides. Rain at times. Good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
