>>> + o Properly initialize the PRNG in the absence of /dev/random.
>
>> How?
>
>Perhaps the same ugly but useable way Eric fiddles around in the randfile.c
>source. He just reads the whole size buffer although he knows that he only has
>put less data in. Or like mod_ssl which reads out the state of the scoreboard,
>etc. I don't know what's the best way is.
The best way is to talk Peter Gutmann into donating his randomness-gathering
code (or to implement something similar). For efficiency that should
probably be combined with a seed file.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
