[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Lynx 2.8.4 with OpenSSL
|
From: |
David Woolley |
|
Subject: |
Re: lynx-dev Lynx 2.8.4 with OpenSSL |
|
Date: |
Sun, 4 Feb 2001 10:51:46 +0000 (GMT) |
> Please put srand/rand to be the last one. IIRC, it is always worse
> than the alternatives.
Encryption code should not be using any of these. If it is trying to
mix data obtained from elsewhere, it should be using a cryptographically
strong hash, like MD5. If it is trying to obtain a starting point for
the random number, it MUST use truly random sources. On linux, there is
a driver which attempts to be a truly random source, although one cannot
rely on distributions setting it up properly (you need to carry state
across reboots by including code in the shutdown and restart scripts).
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden
- lynx-dev Lynx 2.8.4 with OpenSSL, Patrick Ash , 2001/02/03
- Re: lynx-dev Lynx 2.8.4 with OpenSSL, Ilya Zakharevich, 2001/02/03
- Re: lynx-dev Lynx 2.8.4 with OpenSSL, Patrick Ash , 2001/02/08
- Re: lynx-dev Lynx 2.8.4 with OpenSSL, Thomas E. Dickey, 2001/02/08
- Re: lynx-dev Lynx 2.8.4 with OpenSSL, pg, 2001/02/08
- Re: lynx-dev Lynx 2.8.4 with OpenSSL, Thomas E. Dickey, 2001/02/08
- lynx-dev rejection of lynx by website, Leslie Fairall, 2001/02/08
- Re: lynx-dev rejection of lynx by website, Thomas Dickey, 2001/02/08
- Re: lynx-dev rejection of lynx by website, Leslie Fairall, 2001/02/08
- Re: lynx-dev rejection of lynx by website, Thomas Dickey, 2001/02/08
- Re: lynx-dev rejection of lynx by website, David Woolley, 2001/02/08
- Re: lynx-dev rejection of lynx by website, David Woolley, 2001/02/08