[cl-openid-ticket] #14: secure random number generation
cl-openid
cl-openid-devel at common-lisp.net
Fri Aug 15 12:00:14 UTC 2008
#14: secure random number generation
--------------------------+-------------------------------------------------
Reporter: mpasternacki | Owner:
Type: defect | Status: new
Priority: major | Milestone:
Component: code | Version: 1.1 extended
Keywords: |
--------------------------+-------------------------------------------------
Currently, random values are generated using CL:RANDOM function. This is
far from cryptographically secure. Spec refers to
[http://rfc.net/rfc1750.html RFC 1750 Randomness Recommendations for
Security]; these recommendations should be implemented, as a separate
library, and this library should be used for generating random numbers.
--
Ticket URL: <http://trac.common-lisp.net/cl-openid/ticket/14>
cl-openid <http://common-lisp.net/project/cl-openid>
cl-openid
More information about the cl-openid-ticket
mailing list