From owner-freebsd-current Sun Jun 18 19: 3:24 2000 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 9922E37B528; Sun, 18 Jun 2000 19:03:20 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA31706; Sun, 18 Jun 2000 20:03:18 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA52489; Sun, 18 Jun 2000 20:01:54 -0600 (MDT) Message-Id: <200006190201.UAA52489@harmony.village.org> To: "Jeroen C. van Gelderen" Subject: Re: mktemp() patch Cc: Mark Murray , Kris Kennaway , current@FreeBSD.ORG In-reply-to: Your message of "Fri, 09 Jun 2000 13:09:23 EDT." <394124C3.221E61BC@vangelderen.org> References: <394124C3.221E61BC@vangelderen.org> <200006081724.TAA00705@grimreaper.grondar.za> Date: Sun, 18 Jun 2000 20:01:54 -0600 From: Warner Losh Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <394124C3.221E61BC@vangelderen.org> "Jeroen C. van Gelderen" writes: : Pseudo random numbers are so cheap (or they should be) that you : just don't want to try and 'optimize' here. It is much better to : be conservative and use a good PRNG until it *proves* to be very : problematic. I disagree with this strongly. PRNG have proven time and time again to weaken security due to their less than random nature. It is my judgement that going down this path would be very bad, especially when cryptographically strong random number generators exist and are part of the base FreeBSD system. We should just use those... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message