est31

> If it breaks, one has to do a two-stage roll-out of some kind. Okay, that's the important part, that you keep it in mind when designing the system that...

I think the best reason to pass stateful random generators rather than seeds is that the seeds could otherwise easily be reused. it's obviously bad when one has programs using...

Hmm yeah good point about it being sealed. I guess we'll have to either get Brian to un-seal the trait, or we address #74. Until then we can't do much...

> That seems like a very complicated, user-unfriendly solution. IMO it probably isn't worth the complexity. Might be better off Agree that these two solutions you list as a and...

The non-RSA based algos are blocked by ring support, while RSA based algos haven't been much of a priority for me because ring has no key generation support. I'm open...

I've tried adding RSA_PSS support in b2733e86011de5ad08f4e54d2231b103f5d56495 but didn't get it to work. So I made support non-pub for now. See also 46bf2eff0b5f8eac1fb8ddf7cc807e168277e3a4 . One could say it's blocked on...

Hmmm that's interesting. SHA-512 is supposed to be supported.

mhh yeah good point, you have to use `from_der_and_sign_algo` instead in this instance.

That's also a nice approach... I'm not sure ring's APIs allow auto-detection like the one we need, outside of starting trial encryptions/decryptions, which are time-intensive.

Yeah, we should probably implement all the relevant traits listed in the [API guidelines](https://rust-lang-nursery.github.io/api-guidelines/interoperability.html#types-eagerly-implement-common-traits-c-common-traits)