On Sat, Jan 15, 2005 at 05:52:16PM -0500, William Allen Simpson wrote:
> 
> I do wish NetBSD folk would take security more seriously.

Thank you, we take it quite seriously: seriously enough to not run around
changing things without a good understanding of why they ought to be
changed.

Compare and contrast with certain other projects which, for instance,
blithely go _reducing_ the mathematical strength of various random
number generators by reseeding them more often because "it must be more
secure".

I am not a mathematical cryptographer and I wouldn't pretend to be one.
From the dust-up between yourself and Charles (replete with incendary
language on both sides, much like the flamebait of yours that I quote
above) it was basically impossible for me, for one, to see exactly whom
I ought to believe.

Steve Bellovin was polite enough to explain the actual underlying issue
without any of the gasoline either you or Charles chose to pour on the
fire.  It's a shame that you couldn't do so much yourself, though I
thank you for also providing the explanation I requested.


-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com

"The inconsistency is startling, though admittedly, if consistency is to be
 abandoned or transcended, there is no problem."		- Noam Chomsky