Hi All, Here is something I am not able to figure out, even after checking the FAQ and the rand(3) man page:
When using the openssl command line utility, is a private RANDFILE per CA required for security reasons, or is it just fine to use a single RANDFILE for everything (i.e. the default ~/.rnd)? Older configuration files seem to indicate the former, but is this still true? IOW, I am looking for an answer to whether not having its own RANDFILE degrades the security of a CA. Thank you, Stefan -- Stefan H. Holek [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
