----- Original Message -----
From: Miguel Angel Fraga <[EMAIL PROTECTED]>
To: OpenSSL Users <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; Bodo Moeller
<[EMAIL PROTECTED]>
Sent: Wednesday, October 13, 1999 9:40 PM
Subject: Re: RNGs
> Why not? A hash of the screen is not enough.
> I mean to enhance (at least) the RAND_seed() function
> when you generate a new request.
>
> I think OpenSSL is a great software and a pity that
> OpenSSL has a random-number generator that produces
> weak keys.
You can't say that in general. As much as I remember (from 0.6.6)
the (at least RSA) keygen itelf is not really bad. It could be better
and faster. If one used "genrsa" or "req -newkey.." the key should be
okay because I assume that
1. the .rand file has been used and
2. the bitmap was user specific.
But I agree that we should have a closer look to the PRNG.
Regards Rene
--
-----------------------------------------------------------
Rene G. Eberhard
Mail : [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
