Why are the arguments on either side so emotional? Because the alleged possible hole is located in the random number generator portion of the code. Random number generation (or more precisely, strong PRNG procedures) are one of the "hot" buttons of this list in general: no matter how strong the mechanism is, someone can postulate "a weakness in the code" that produces "weak" PRN's or gigabuck NSA computers that can reproduce arbitrary PRN streams. And noone can disprove anything. Because nothing, really, can be "proved" to be random; it's that darn halting problem again. All we have are "reasonable" expectations, which aren't reasonable for a subset of the intended user group. Okay... sometime this week I'll take a long look at the prng routines in what PGP source code I have. I'm doing this in order to keep an open mind, _not_ because I expect to find anything. Other than the labeled PRNG/RNG routines, what needs to be looked at? Phil