wk at isil.d.shuttle.de
Mon Sep 14 10:00:43 CEST 1998
"Paul D. Smith" <psmith at BayNetworks.COM> writes:
> Isn't the method PGP uses to generate random numbers sufficiently strong
> for the purposes of GnuPG too? Is there some reason that method hasn't
> been implemented, except for 'tuits?
Measurement of key hit timings is not easy on a unix box and less
secure than what you can do under DOS. The Linux random number
generator is much better as a source for random number. In addition
to this GNUPG implements all requirements from RFC1750.
More information about the Gnupg-devel