Ralf S. Engelschall wrote:
> On Mon, Jan 11, 1999, Bodo Moeller wrote:
> > I would like to have directives that tell the software packages how to
> > find randomness -- e.g. something allowing me to do things like
> > SSLRandomInit "dd if=/dev/random count=2"
> > SSLRandomInit "ps -Alf"
> > and also something like
> > SSLRandomBufferFile private/rand
> > where the given file would be used similar to how the RANDFILE from
> > ssleay.cnf (e.g. ~/.rnd) is used by SSLeay's "req" application.
>
> A very good suggestion. Actually OpenSSL's RAND library supports repeated
> RAND_seed()'s, so we could use the stuff SSLRandomInit produces to at least
> initially seed the random number generator. OpenSSL's SSL library already
> seeds in more random stuff from time to time itself.
I'd suggest that the functionality should really go into OpenSSL, since
it is a common requirement. Naturally whatever software is using OpenSSL
will have to handle the configuration (unless we put it in
openssl.conf?).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
