"Eric S. Raymond" wrote:
>
> Uwe Zeisberger <[EMAIL PROTECTED]>:
> > > > So I wish, you can implement EGD Support for fetchmail
> > >
> > > I don't know how. Can you point me at any resources?
> >
> > Mutt also does use EGD to get random data.
> > see mutt-1.2.5/imap/imap_ssl.c in current tar-file
> > (ftp://ftp.mutt.org/pub/mutt/mutt-1.2.5i.tar.gz)
>
> I've gone and looked at this now. Using EGD to seed SSL if there is
> no random device is a good idea, yes -- but it also seems like something
> that should be done in the SSL library itself rather than on an ad-hoc
> basis in every single SSL-using application.
>
> I've copied this reply to the SSL bugs list. Perhaps someone there will
> be able to tell us either when this is planned, or why it is not.
It is not, because EGD provides a randomness service to all
applications, not just stuff that does SSL. It would be impolite of
OpenSSL to hog all the randomness.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
