[openssl-users] Do you use EGD or PRNGD?

Jakob Bohm jb-openssl at wisemo.com
Mon Jun 1 18:28:11 UTC 2015

On 01/06/2015 16:03, Salz, Rich wrote:
> We are thinking of removing support for EGD (entropy-gathering daemon) 
> in the next release.  None of our supported platforms have needed it 
> for some time.  If this will cause an issue for you, please reply soon.

While the original EGD is needed only on platforms with
no platform-provided equivalent (such as /dev/*random or
Microsoft CryptGenRandom()), it should be noted that a
networked variant of the EGD protocol has been used by
at least one hardware RNG vendor, though I am unsure if
the builtin EGD code in OpenSSL could ever talk directly
to that variant anyway.

Two other platforms I can think of as potentially affected
are Solaris 2.4+ without the /dev/random patch and CE
installations without MS CryptoAPI (this is the default
for some CE 2.11 targets, and an option for any vendor
configured CE installation of any version, including the
latest ones, though that latter option might be as rare
as building the Linux kernel without /dev/*random).


Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150601/10cedea6/attachment.html>

More information about the openssl-users mailing list