Robin Becker <ro...@reportlab.com> writes: > I have a vague memory that the original author felt that entropy might > run out or something like that so reading from /dev/urandom always was > not a good idea.
If there is enough entropy to begin with, then /dev/urandom should be cryptographically strong. The main danger is just after the system boots and there has not yet been much entropy gathered from physical events. > FreeBSD re-uses the entropy, but the end target is Solaris so I'm not > really sure about the details of /dev/urandom. No idea about Solaris. Another area of danger these days is virtual hosts, since their I/O may be completely simulated. They are not certified for payment card processing, mostly for that reason. -- http://mail.python.org/mailman/listinfo/python-list
