Dear Vagrant, Thank you for your concern. I just tested this briefly:
1. I started tinyca (0.7.5-5) as per your instructions with 'strace -o tinyca2.log tinyca2'. 2. After having selected the CA to work with, but before having created a new key, there are three occurrences of /dev/urandom in the strace log file. 3. Next I created a new certificate request with a 1024 bit RSA key. Both the request and the key were successfully created. There were no additional accesses to /dev/urandom in the strace log file. Tinyca uses openssl commands for all cryptographic operations, which uses /dev/urandom to seed its PRNG. Consequently, I believe that tinyca does not use /dev/urandom in an unsafe way when generating keys. Regards Uli -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
