On Thu, 2014-06-19 at 12:43 -0400, Simo Sorce wrote: > On Thu, 2014-06-19 at 12:36 -0400, Nathaniel McCallum wrote: > > This also fixes an error where the default value was not respecting > > the KEY_LENGTH variable. > > > > (NOTE: the os.urandom() change should not change the security properties > > of the existing code. However, the failure of the previous code to > > respect KEY_LENGTH causes us to violate the RFC.) > > LGTM! > I do prefer using os.urandom() directly, as random.SystemRandom uses it > under the hood anyway.
Is that an ACK? Because we need to merge a fix of some kind soon. Nathaniel _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel