> Make that: I trust the RNG of GnuPG. There's more to it than what is > provided by the Linux kernel.
Be careful. When was the last time you checked the GnuPG code? And when was the last time you checked the options your distro maintainer used to build your GnuPG? :) GnuPG doesn't have one RNG. It has *many* RNGs. Some of them are really just thin wrappers over lower-level OS facilities. And if you don't trust /dev/urandom, I'd suggest using a different operating system, because that's a game-over compromise. It's like not trusting CryptGenRand on Win32.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
