Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: David Laight <david@l8s.co.uk>
List: tech-net
Date: 11/25/2003 23:45:10
> Can we, instead, decare a moratorium on importing any cryptographic or
> PRNG code from OpenBSD, until *after* the code has been reviewed, and
> until *after* the code has passed *empirical testing*?
And after the code as been shown to close a potential security problem.
You need to do a cost-benefit analysis on the algorythm. This particular
code has lots of cost and almost no benefit.
David
--
David Laight: david@l8s.co.uk