On Mon, 13 Jul 2009, Michael S Gilbert wrote:
hello,
the mozilla developers are working this predictable PRNG issue, and
they have indicated that arc4random would not be sufficently secure
[1]. is there any substance to that claim?
if so, does that impact Atsuhito's fix?
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=322529
well..., one of the people doesn't like arc4*, but there's no agreement
in that thread on what to use (aside from a general bias toward fancier
implementations). There may be some useful conclusion, e.g., pointing out
reusable code that can be linked from NSS, etc.
--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
_______________________________________________
Lynx-dev mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/lynx-dev
