Hi,

On Thu, Jun 23, 2011 at 08:15, Akira Tanaka <akr / fsij.org> wrote:
>> We should avoid using
>> /dev/urandom every time on the env w/o OpenSSL in the future.
>
> I'd like to say "Please install OpenSSL" for such request.

Reasonable. Why don't you do so? I mean that removing /dev/urandom
fallback from securerandom.rb and letting simply warn "Please install
OpenSSL".

> Cryptographic algorithms should be implemented/maintained by cryptographic experts but I am not a cryptographic expert.

You wrote securerandom.rb. I think it's too late. :-) :-) Joking
aside, since there's no cryptography expert around us, delegating PRNG
thing to OpenSSL is good I think.

Regards,
// NaHi