[openssl-dev] Work on a new RNG for OpenSSL
Salz, Rich
rsalz at akamai.com
Mon Jun 26 15:32:05 UTC 2017
> Suggestion: Get rid of every mention of "entropy" from openssl code,
> documentation, design discussions, and everywhere else.
I like this and will do it. Except for our support of the EGD.
> Suggestion: In the common case where exact meaning is not important,
> "entropy" can be replaced by a noncommittal nontechnical word such as
> "randomness". Even so, it should be clearly documented that this term is not
> meant to be quantitative.
Okay.
> Suggestion: If you mean for something to be hard for the attacker to guess,
> the word "adamance" can be used.
All my attempts to look up a definition of this word came up with a noun for for adamant. Which is often appropriate, but maybe no here :)
> Suggestion: In the remaining cases, which are not rare, it is important to take
> a step back and figure out what is the actual idea that is being (or should be)
> discussed. This will not be easy, but it must be done, line by line. Otherwise
> the whole enterprise is likely to be a waste of time.
We are trying hard not to waste anyone's time, a d we appreciate your input. Is it worth reposting my thoughts with your suggested wording changes?
More information about the openssl-dev
mailing list