yarrow/prng - option to bypass

Zhanna Tsitkova tsitkova at MIT.EDU
Tue Nov 17 16:02:26 EST 2009

I would like to bring up an idea  for the bypass of the native kerb  
yarrow impl and allow appls to use an alternative sources of  
randomness when is it desirable. The potential beneficiaries  of this  
option are mobile devices that want to use the single source of  
randomness and  systems that already use yarrow and  are forced to  
duplicate an effort in kerb framework.
Two approaches are possible: not build krb yarrow at all or bypass it  
at the run time. In any case the native kerberos yarrow impl must be  
default prng.

Opinions, ideas, comcerns?


More information about the krbdev mailing list