On 28 Jul 2008, at 09:50, Robert Edmonds wrote:
[ i am CC'ing the upstream author, Bob Halley. Bob, are you
planning a
fix to bring dnspython in line with forgery-resilience? ]
I haven't been rushing to make a fix because dnspython is a stub
resolver (typically cacheless) and is thus not likely a profitable
target.
Having said that, I would like to strengthen it, but it will take a
little time since I'd like to improve the quality of the randomness as
well. Python's random() function is based on the Mersenne Twister,
which is not cryptographically strong. What's the timeframe for lenny?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
