On 2016-05-26 00:28:05 [+0200], Kurt Roeckx wrote: > > Kurt, what about dropping that .rnd thingy and going straight for > > /dev/urandom as default? > > If I read it right, it is just the internal seed. We would use instead > > always what the 2KiB the OS gives us and never write it back. The random > > data is still produce by openssl. And we would have a more random 1st > > start than without it :) > > It does not look like a loss. > > I guess that if we can trust the OS to give us proper random data > that it's not useful to keep that file. > > There are plans to rewrite the RNG, and maybe at that point it > will go away.
So do we feel like changing something or sitting that one out until post new RNG code? I *guess* a patch to allow using /dev/urandom instead of .rnd will be deferred until the new RNG is there. This will be post 1.1.0 right? > > Kurt Sebastian
