On Fri, 4 May 2001, Dilkie, Lee wrote:
> It is critical to get the initial seed with as much entropy as possible
yes, it's traditional way to keep openssl' PRNG happy.
However, "a random" inside "server hello" is sent in clear
and it may be appropriate to use low-quality clock-based source her
nt: Friday, May 04, 2001 10:55 AM
To: [EMAIL PROTECTED]
Subject: Re: Embedded SSL and randomness
Lee,
unpredictable random numbers required for ssl client to set
pre-master secret, client key exchange message, rsa mode.
One can run a "reverse" solution with SSL client on a web server.
Lee,
unpredictable random numbers required for ssl client to set
pre-master secret, client key exchange message, rsa mode.
One can run a "reverse" solution with SSL client on a web server.
Unfortunately this breaks HTTPS. However, you still have
a secure solution and a CA in business :)
would th
At 04:10 PM 5/4/01 +0300, Andreas Bäck wrote:
>The core question is what [it] takes to port it to an embeded system.
FWIW: my number one worry about porting SSL to an embedded system is where
I get my entropy. Because my company sells embedded OS's to end
developers, I need a general solution i
