On 30 aug 2013, at 17:44, Paul Wouters <paul at nohats.ca> wrote: > Wow, that is pretty epic - in a bad way...... Am I really trusting opendnssec > to generate RSA keys with the below code for entropy? filenames in /tmp? Although I agree this is bad - have you checked if these are the ONLY entropy sources used by Botan? jakob