> What I _wouldn't_ be happy with is a PRNG which has been fed only known
> data, but enough of it at startup that it agrees to provide output to
> the user. There are a terrible lot of these around, and pretending that
> stack contents are random is a great way to accidentally build them.

Fortunately, OpenSSL does not pretend the stack contents are random. People sometimes accidentally shoot themselves because they handle a gun as if it was unloaded when it's loaded. But it doesn't make sense to ensure the gun is loaded just to ensure you handle it as if it was loaded. However, this is essentially your argument -- don't do something that can only help because if you relied on just that you might be in trouble. Sorry, I reject that argument.

> Not feeding in data which you have a pretty darned good idea will be
> predictable -- potentially as the first bits in at RNG startup -- is to
> my mind one thing one can should do to avoid the problem.
>
> Thor

You are honestly arguing that the best way to avoid handling a gun as if it were unloaded is to ensure it is loaded before handling it. Isn't that clearly crazy? Why do something that can only hurt you? That you might get in trouble if you rely on it is an argument not to rely on it, not an argument not to do it.

DS
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
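An added illustration, not part of this thread and not OpenSSL's RNG code, of the distinction the two posters are circling: mixing predictable data into a pool is harmless as long as it is not *credited* as entropy, and the failure Thor describes is a pool that credits such data and so "agrees to provide output" from known input alone. The pool design, the 128-bit threshold and the constructed stand-in for stack contents are assumptions for the example.

```python
import hashlib
import hmac
import os


class EntropyPool:
    """Toy hash-based pool: every input is mixed into the state, but only
    the caller's entropy credit decides whether output is allowed."""

    SEED_THRESHOLD_BITS = 128  # assumed gating threshold

    def __init__(self) -> None:
        self._state = b"\x00" * 32
        self._credited_bits = 0

    def add(self, data: bytes, credit_bits: int = 0) -> None:
        # Mixing can only help: sha256(state || data) is no easier to
        # predict than state alone. Only the credit can make the pool
        # over-confident about how unpredictable its state is.
        self._state = hashlib.sha256(self._state + data).digest()
        self._credited_bits += credit_bits

    def ready(self) -> bool:
        return self._credited_bits >= self.SEED_THRESHOLD_BITS

    def output(self, n: int) -> bytes:
        if not self.ready():
            raise RuntimeError("pool not seeded with enough credited entropy")
        out = hmac.new(self._state, b"output", hashlib.sha256).digest()[:n]
        self._state = hashlib.sha256(self._state + b"ratchet").digest()
        return out


# Constructed stand-in for "stack contents": identical on every run, so an
# observer who knows the program layout can reproduce it exactly.
KNOWN_STACK = bytes(range(32))


def over_credited_pool() -> EntropyPool:
    # The mistake: treating predictable data as if it were random.
    pool = EntropyPool()
    pool.add(KNOWN_STACK, credit_bits=128)
    return pool


def conservative_pool() -> EntropyPool:
    # Mix the same bytes in, but give them zero credit; output stays
    # locked until a trusted source (here os.urandom) is credited.
    pool = EntropyPool()
    pool.add(KNOWN_STACK, credit_bits=0)
    return pool


def seed_from_os(pool: EntropyPool) -> EntropyPool:
    pool.add(os.urandom(32), credit_bits=256)
    return pool
```

Two over-credited pools built from the same known data produce byte-identical output, which is exactly the "fed only known data but agrees to provide output" case; the conservative pool refuses until it is credited with real entropy.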