FYI Arjen Lenstra et al have published an interesting paper related to problems with the usage of RNG's, etc. They give examples with X.509 certificate handling as well as PGP.
No matter if this is something that is have a direct inpact on NSS or not, I would believe that many on this list will find this interesting. The EFF blog post with a more general discription of the problem is here https://www.eff.org/deeplinks/2012/02/researchers-ssl-observatory-cryptographic-vulnerabilities The research paper is here: http://eprint.iacr.org/2012/064.pdf --r -- --- Robert Malmgren Encrypted e-mail preferred E-mail: r...@romab.com PGP RSA 4096, id: 0x5B979EF5 Cellular: +46(0)708-330378 Fingerprint: DE59 D86C 4CAF 2E59 A64E Jabber: r...@romab.com 5476 2360 F1B4 5B97 9EF5 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
