Hi Niklas, On Fri, Jan 20, 2017 at 1:07 AM, Niklas Keller <m...@kelunik.com> wrote:
> has this been committed? It's just the same BC issue as seeding mt_rand > with a CSPRNG by default. Not yet. I really don't see any pros for caring about failing CSPRNG and fallback to weak behavior. 1) BC is extremely unlikely. Basically, no BC on healthy hardware/OS. 2) Then things failed, programs should fail properly. i.e. Shouldn't fallback to weaker/problematic code. Broken CSPRNG is like BUS error, i.e. hardware error, why should we care so much about it? Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
