[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape "random" number seed generator code available
In article <[email protected]>, [email protected] (David J. Bianco) writes:
> On Sep 25, 2:38, Phil Karlton sent the following to the NSA's mail
> archives:
> > Subject: Netscape "random" number seed generator code available
> || As is mentioned in the README, more will need to be done to find more
> || bits of entropy. (Too much of a good thing is still not enough.)
> || However the security team believes that the RNG seed is no longer the
> || weak link and candidate for attack. So I am personally volunteering
> || to have my had shaved if a discovered deficiency in this code results
> || in an easily attacked generated seed. [You will be expected to show
> || your work. :-)]
> ||
>
> Will you put a picture up on http://www.netscape.com/ someone does find
> a problem? 8-)
I will make sure that a picture is available on the web if Phil has
to shave his head.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.