Re: entropicdata.com ?

[kowsik <kowsik () gmail com>]

Heh. I think we'll need a random.dv site which has a JSON API to
return crap. :-) New startup idea right there.

K.

On Tue, May 19, 2009 at 4:44 PM, Dave Aitel <dave () kof immunityinc com> wrote:
> Lots of people are doing things in web services (AJAX, etc) that require
> real crypto. So they implement RSA/twofish/etc in Javascript and run that in
> the browser. But this requires a way to generate a key which requires some
> entropy. There's no "feed of random numbers" that I know of on the web that
> you can use to seed your crypto, probably because of cross site
> restrictions. But it seems like either google gears, HTML5, or one of the
> other new extensions should offer it as a built-in API.
>
> Likewise if they allowed you to get data from other sites (which the new
> Firefox does sometimes?) then you could set up a web service for people to
> use to get their entropic data from (over SSL of course :>).
>
> What else are people using for this? It seems to be a bit of a theme here at
> SyScan (re: David Thiel's RIA presentation). Is there an API in
> Silverlight/Flash/etc that lets you get entropy and then give it back to the
> browser context?
>
> -dave
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave