From: Hiroshi Nakamura <nakahiro@...>
Date: 2011-06-23T15:47:44+09:00
Subject: [ruby-core:37309] Re: [Ruby 1.9 - Bug #4579] SecureRandom + OpenSSL may repeat with fork

Hi,

On Thu, Jun 23, 2011 at 08:15, Akira Tanaka <akr@fsij.org> wrote:
>> We should avoid using
>> /dev/urandom every time on the env w/o OpenSSL in the future.
>
> I'd like to say "Please install OpenSSL" for such request.

Reasonable. Why don't you do so? I mean that removing /dev/urandom
fallback from securerandom.rb and letting simply warn "Please install
OpenSSL".

> Cryptographic algorithms should be implemented/maintained by cryptographic experts but I am not a cryptographic expert.

You wrote securerandom.rb. I think it's too late. :-) :-) Joking
aside, since there's no cryptography expert around us, delegating PRNG
thing to OpenSSL is good I think.

Regards,
// NaHi