On Tue, Jul 26, 2011 at 1:30 PM, Brian Smith <bsm...@mozilla.com> wrote: > Mozilla would like to expose a secure PRNG (basically, a wrapper around > PK11_GenerateRandom) to JavaScript content: > https://bugzilla.mozilla.org/show_bug.cgi?id=440046 > > There is some agreement that we should maintain separate PRNG state for each > origin (roughly: domain name), and that all those states should be separate > from the PRNG state used internally. PK11_GenerateRandom currently shares the > PRNG state across all callers. Does anybody disagree about this separation > being necessary?
I just want to note my objection to this proposal before I forget again. I won't repeat the arguments given by Nelson Bolyard and Marsh Ray. Wan-Teh Chang -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
