Sorry for the late reply. I was offline for a few days. More below ...
Craig R. McClanahan wrote:
[snip]
DECISION 1 - WHAT SEEDING MECHANISMS SHOULD WE SUPPORT?
(1A) Default seeding of java.security.SecureRandom (time consuming but
reasonably secure)
(1B) Current mechanism of
Christopher Cain has raised some concerns (both in private email and
publicly on this list) regarding the initialization of pseudo random
number generators (PRNGs) used to calculate session id values. We need to
have a quick discussion about this, to determine whether we want to change
the
BACKGROUND:
* An optional entropy-increasing string value that you can specify
in your conf/server.xml file, like this:
Context ...
...
Manager entropy=My Private Entropy String/
...
/Context
If no entropy property is specified, a default (and
Craig R. McClanahan wrote:
Christopher Cain has raised some concerns (both in private email and
publicly on this list) regarding the initialization of pseudo random
number generators (PRNGs) used to calculate session id values. We need to
have a quick discussion about this, to determine