Adding Fortuna as a new prng

Nicolas Williams Nicolas.Williams at
Fri Aug 20 12:36:14 EDT 2010

On Thu, Aug 19, 2010 at 09:18:03AM -0400, Sam Hartman wrote:
> I kind of question the future plan.  I consider myself a power user and
> couldn't imagine ever wanting to switch PRNGs.  I think few Kerberos
> users want the complexity of PRNG selection.  I've never had to select
> the PRNG I use for OpenSSL, Windows, ssh, NSS or the like.  Why should I
> for Kerberos?


(Well, I could see people switching crypto implementations because some
are faster than others in some cases, slower in others.  For a while you
could do just that in some Solaris applications, including ssh.  But for
the PRNG I agree that providing more run-time options is not a good
idea.  Build-time options are OK, and maybe even desirable.)


More information about the krbdev mailing list