> > No. It points to the fact that the whole thing isn't tested much on
> > machines without good randomness sources in general.
>
> openssl is one of those projects that could desperately use a
> commerical reseller/support couterpart a-la redhat
> or sendmail (the company)
>
> it kinda mystifies me why one has not popped up. maybe people won't
> pay enough for it to make it worthwhile??
Hmmm....
Now that I think about it....
I think my company would pay something for a product that filled
a need. (open source or not) Seems to me they don't care where
it comes from. The only real requirement on me is that it gets done
and it's reasonably maintainable. In most cases what I use to
accomplish that is not much of an issue.
I have never read about any open source projects that accept
monetary compensation. (I suppose the distribution of wealth
might be an issue)
To be honest OpenSSL's biggest issues seem to be documentation
related. (From my very limited point of view)
> > No. It points to the fact that the whole thing isn't tested much on
> > machines without good randomness sources in general.
If you feel like indulging me I would be curious to know the following.
(I am not really familiar with this issues.)
Intuitively I would think the -rand input would be good enough. Is it not?
I read something a while back about sampling a mic input on a soundcard.
Does that constitute a random enough source of noise?
ScottP
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
