This is a discussion on Re: How good a random source is Crypto API? - Openssl ; In message on Mon, 4 Apr 2005 16:53:21 +1000, "Steven Reddie" said: smr> Moving such functionality out-of-process would improve stability, smr> and this is obviously where prngd/egd comes in, but if these are smr> seen as useful for more secure ...
In message <200504040653.j346rRVU006784@mail09.syd.optusnet.co m.au> on Mon, 4 Apr 2005 16:53:21 +1000, "Steven Reddie"
smr> Moving such functionality out-of-process would improve stability,
smr> and this is obviously where prngd/egd comes in, but if these are
smr> seen as useful for more secure applications then it seems that a
smr> default OpenSSL install could settle for CryptoAPI's PRNG.
Except for the small matter of knowing what the seeding generator uses
as sources. As was mentioned, Microsoft is very secretive about the
sources used for CryptGetRandom(). prngd/egd are open source...
BTW, OpenSSL does use the CryptoAPI PRNG *as well*, just FYI...
I do understand the problem with crashing systems. Do you have an
idea on how to make things more stable in that kind of situation, and
still have a more varied set of randomness sources than just
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
Richard Levitte firstname.lastname@example.org
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
OpenSSL Project http://www.openssl.org
Development Mailing List email@example.com
Automated List Manager firstname.lastname@example.org