Granted; guess I should not have given such high praise to the
quality/uniqueness of that this device produces since they do not provide
information on its design nor state that it has been evaluated by any
qualified independent reviewers. My assumption was and I guess still (to
some degree) that the quality of input material available in a hardware
based implementation is far superior to what is available to a software
implementation (like egd.pl, etc.) At a minimum this driver/hardware
essentially gives windows users a /dev/urandom which they have been missing.
In either case I would still say its best to maintain the current
implementations use of this device to allow for code conformity.
I would like to see the FAQ updated to refer to this drivers/hardware
existence.
Ryan
-----Original Message-----
From: Rich Salz [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 08, 2001 7:36 PM
To: Ryan Hurst
Cc: Openssl-Dev ([EMAIL PROTECTED]); Openssl-Users
([EMAIL PROTECTED])
Subject: Re: OpemSSL Hardware Random Number Generator (RNG) for Intel Chip
sets.
> I am not sure I understand what you are saying
You called the intel h/w rng "excellent." I believe consensus is "we
don't know."
The code you showed does exactly the right thing: don't rely on the h/w
RNG directly, but use it as an entropy source.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
