From: Stephan Somogyi <somogyi@digmedia.com>
Date: Tue, 19 Sep 95 17:52:35 PDT
To: cypherpunks@toad.com
Subject: Netscape on randseed issue
Message-ID: <v03003201ac8514fbce6d@[198.93.25.98]>
MIME-Version: 1.0
Content-Type: text/plain


Netscape has put up an official response to the randseed issue:

<http://home.netscape.com/newsref/std/random_seed_security.html>

Most interesting to me was the para:

"Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before it
is sent to customers. These experts will validate Netscape's solution
and insure that it is complete and effective in solving this
vulnerability. The group will be used on an ongoing basis to work with
Netscape's internal security experts to review the design and
implementation of security in Netscape's products and to provide an
additional measure of assurance that these products implement the
highest levels of security possible."

Anyone know anything about this group, or is this a reference to the
RSADSI source review that Andrew Loewenstern mentioned earlier today?


________________________________________________________________________
Stephan Somogyi            Think Tank Grenadier            Digital Media