tech-net: Re: kernel ip_randomid() and libc randomid(3) still "broken"

Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: David Laight <david@l8s.co.uk>
List: tech-net
Date: 11/25/2003 23:45:10

> Can we, instead, decare a moratorium on importing any cryptographic or
> PRNG code from OpenBSD, until *after* the code has been reviewed, and
> until *after* the code has passed *empirical testing*?

And after the code as been shown to close a potential security problem.

You need to do a cost-benefit analysis on the algorythm.  This particular
code has lots of cost and almost no benefit.

	David

-- 
David Laight: david@l8s.co.uk