[openssl-dev] Work on a new RNG for OpenSSL

[Salz, Rich]

➢ But I’d like the development team to comment on (and ideally – accept) my request to add RAND_add() method to the RNG that is used in generation of private keys.

Well, I’ve been thinking about this for a bit, since you first raised it.  I am still not sure of the need.  And as the blog post says, we’re not convinced that the current DRBG arrangement is something that will never change.  But I think a new API, RAND_add_ex that took a flag that had values like RAND_ADD_GLOBAL, RAND_ADD_LOCAL, RAND_ADD_PRIVATE, RAND_LOCAL_PRIVATE indicating which to seed.     Thoughts?