On Mon, Dec 20, 2004 at 10:19:32AM +0100, Florian Weimer wrote: > * Andrew Suffield: > > > The security of the session is limited by the randomness of the > > weakest key used. If you're going to use /dev/urandom then you might > > as well just not encrypt the session at all. > > Could you provide some rationale for this claim, preferably based on > the kernel code which implements /dev/urandom? No. Can you provide some rationale for yours based on the current price of gold? This is really elementary stuff. Even /Applied cryptography/-waving idiots should know it. I'm not going to write a lengthly essay on the difference between entropy and non-entropy. -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -><- |
Attachment:
signature.asc
Description: Digital signature