--On Friday, March 21, 2003 1:52 PM +1100 Stas Bekman <[EMAIL PROTECTED]> wrote:
However apr-util/crypto/getuuid.c provides a *sort of* random implementation where APR_HAS_RANDOM is not available in two functions. in the true_random() we have this nice note:
/* crap. this isn't crypto quality, but it will be Good Enough */
IMHO, UUID's don't need crypto-quality random numbers - therefore, the pid/time hacks are good enough just for UUID's but not in the general case.
I'm sure someone will disagree with me though. -- justin