I was asked off-list why we're doing this.  A reasonable question. :)

There are many complaints about the OpenSSL RNG.  For starters:
        https://github.com/openssl/openssl/issues/2168
        https://github.com/openssl/openssl/issues/898
        https://github.com/openssl/openssl/issues/2457
        https://github.com/openssl/openssl/issues/3125

Also, there are things like this:
        It uses MD5
        It has a global pool, not per-thread so there's locking
        It doesn't use getrandom available on modern Linux systems
        It uses other bizarre private hashing and mixes in time and getpid

To summarize, perhaps, let's just say that it is really really outdated.  The 
state of the art has advanced, and we have some catching-up to do.

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev