--On Friday, March 21, 2003 1:52 PM +1100 Stas Bekman <[EMAIL PROTECTED]> wrote:

However apr-util/crypto/getuuid.c provides a *sort of* random implementation
where APR_HAS_RANDOM is not available in two functions. in the true_random()
we have this nice note:

/* crap. this isn't crypto quality, but it will be Good Enough */

IMHO, UUID's don't need crypto-quality random numbers - therefore, the pid/time hacks are good enough just for UUID's but not in the general case.


I'm sure someone will disagree with me though. -- justin

Reply via email to