[Cryptography] Is Ron right on randomness

[Salz, Rich]

> Absolutely right.  Only TRNGs that make raw data available should be trusted.  Further, the source should have a simple physical model which is proven out by measurements, preferably continuously.

Meanwhile, back in the real world...  What should OpenSSL do, given the wide number of platforms and huge uninformed community that depends on it, do?