Hi all. I have 2 questions about the openssl library kit.
1) A beginners Q on an often talked about issue; seeding the random #
generator.
Would it be considered cryptographically strong to just take your
executable, copy that to ~/.rnd and let it go from there. Each time it uses
it, the file is changed, so youd always have different seeds, and if you
just copied that exectubale back into ~/.rnd youd get a different number
anyway. I would think the exectuable is pretty random, as everytime youd
change any bit of code and recompile it would be virtually impossible to
guess what a compiler will output...In what way is this not good enough? Is
it too predicatble? Im assuming that it really can't be this easy...
2) Is the crypto library actively supported and maintened, or is it just
shipped as is. IE: Is there any reason to expect it might be updated with
more algorithms, like twofish, etc... Or is this basically what you see is
what youll always get?
Thanx,
Brian
Brian Snyder.vcf
