[PATCH] MinGW, random_seed, CryptoAPI

Frank Tobin ftobin at uiuc.edu
Thu Apr 27 20:47:31 CEST 2000


Enzo Michelangeli, at 07:15 +0800 on Fri, 28 Apr 2000, wrote:

> I wouldn't use CAPI at all, not even for the RNG (which is one of the most
> critical parts as far as security is concerned). I just don't trust code of
> which I'm prevented from seeing and recompiling the source.

Using an additional RNG source can't hurt the generation of numbers if
done properly (xor's); it can only help.  Using the CAPI in addition to
the normal resources for RNG is a good decision.

-- 
Frank Tobin		http://www.uiuc.edu/~ftobin/

"To learn what is good and what is to be valued,
those truths which cannot be shaken or changed."  Myst: The Book of Atrus




More information about the Gnupg-devel mailing list