On Fri, Jan 04, 2008 at 08:40:44PM +0100, Simon Josefsson wrote: > Interesting, 235/8=29.375 bytes. The minimum randomness needed per TLS > session would be 28 bytes for client hello random_bytes plus 46 bytes > for the PreMasterSecret (if RSA is used for key exchange). If openssl > is using /dev/urandom, I think it is overly optimistic about the quality > of that data.
I suspect that it only uses data from /dev/u?random to seed its own PRNG. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
