Porting GNUPG

Paul D. Smith psmith at BayNetworks.COM
Mon Sep 14 11:17:57 CEST 1998

%% Werner Koch <wk at isil.d.shuttle.de> writes:

  wk> "Paul D. Smith" <psmith at BayNetworks.COM> writes:
  >> Isn't the method PGP uses to generate random numbers sufficiently
  >> strong for the purposes of GnuPG too?  Is there some reason that
  >> method hasn't been implemented, except for 'tuits?

  wk> Measurement of key hit timings is not easy on a unix box and less
  wk> secure than what you can do under DOS.  The Linux random number 
  wk> generator is much better as a source for random number.

Certainly if your box contains a good system RNG that's ideal, but I
don't think we should restrict GnuPG to working only on such systems :)

  wk> In addition to this GNUPG implements all requirements from
  wk> RFC1750.

Not sure what this means?  What does RFC1750 require?  I suppose I can
go look it up myself... :)

 Paul D. Smith <psmith at baynetworks.com>         Network Management Development
 "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
     These are my opinions--Bay Networks takes no responsibility for them.

More information about the Gnupg-devel mailing list