Adding Fortuna as a new prng
Nicolas Williams
Nicolas.Williams at oracle.com
Fri Aug 20 12:36:14 EDT 2010
On Thu, Aug 19, 2010 at 09:18:03AM -0400, Sam Hartman wrote:
> I kind of question the future plan. I consider myself a power user and
> couldn't imagine ever wanting to switch PRNGs. I think few Kerberos
> users want the complexity of PRNG selection. I've never had to select
> the PRNG I use for OpenSSL, Windows, ssh, NSS or the like. Why should I
> for Kerberos?
+1
(Well, I could see people switching crypto implementations because some
are faster than others in some cases, slower in others. For a while you
could do just that in some Solaris applications, including ssh. But for
the PRNG I agree that providing more run-time options is not a good
idea. Build-time options are OK, and maybe even desirable.)
Nico
--
More information about the krbdev
mailing list