Re: [gnutls-dev] Feature request: not really random session keys

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] Feature request: not really random session keys

From:	Florian Weimer
Subject:	Re: [gnutls-dev] Feature request: not really random session keys
Date:	Mon, 30 Jan 2006 15:34:50 +0100

I tracked this down to the generation of the RSA_EXPORT key.  In this
case, bits from /dev/random are used, even though the generated key is
horribly insecure anyway.

Wouldn't it make sense to use only STRONG_RANDOM in this case, and not
VERY_STRONG_RANDOM?

(I have a distinct dejà-vu feeling about the whole matter.  Odd.)

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [gnutls-dev] Feature request: not really random session keys, (continued)
- Re: [gnutls-dev] Feature request: not really random session keys, Florian Weimer <=
  - [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
    - [gnutls-dev] Re: Feature request: not really random session keys, Florian Weimer, 2006/01/30
    - [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
    - [gnutls-dev] Re: Feature request: not really random session keys, Florian Weimer, 2006/01/30
    - [gnutls-dev] Re: Feature request: not really random session keys, Simon Josefsson, 2006/01/30
    - Re: [gnutls-dev] Re: Feature request: not really random session keys, Werner Koch, 2006/01/31

Prev by Date: Re: [gnutls-dev] Feature request: not really random session keys
Next by Date: Re: [gnutls-dev] Feature request: not really random session keys
Previous by thread: Re: [gnutls-dev] Feature request: not really random session keys
Next by thread: [gnutls-dev] Re: Feature request: not really random session keys
Index(es):
- Date
- Thread