On Thu, Feb 16, 2012 at 12:00 PM, Ben Laurie <[email protected]> wrote: > So, the underlying issue is not a poor design choice in OpenSSL, but > poor seeding in some applications.
Applications (in the Unix sense) should not be the ones seeding the system's PRNG. The system should ensure that there is enough entropy and seed its own PRNG (and mix in new entropy). This is why we have /dev/*random. (That's not a slight to OpenSSL, FYI.) Nico -- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
