Mark writes: > You'd need to prtect the numbers thus served; they'd be no use if an > ethernet snooper could pick them up, so the distribution channel > should be at least encrypted. (SSH and SSL could both be used). Problem I see is: where do you get the key material to securely exchange random numbers with the server? Or conversely: if you can securely get the key material, you don't need more random numbers. You either have a private key, or you don't. If you don't you don't have any entropy to generate a key, and have no a way to securely converse with the PRNG server. If you do, you get computational security by feeding your private key into /dev/random. You're not going to get anything better than computational security by having the PRNG server send you any -- the secure link only offers computational security. Adam
