> What's supposedly bad about the 1.0.x/1.1.0 OpenSSL RNG other
than not being an NSA/NIST design?
Poor locking; been known to crash.Does not reseed. Global across the process, rather than isolated for private-key generation or per-connection. Mixes in getpid and time to get "better" random bytes. Has a "pseudo-rand" feature. Never was cryptographically evaluated. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
