From c5b7873fd2d8a830b76e58071ed52ed4c7bd498e Mon Sep 17 00:00:00 2001
From: Andreas Gustafsson <source@isc.org>
Date: Mon, 22 May 2000 18:39:58 +0000
Subject: [PATCH] added warning about pseudorandom key material

---
 README | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/README b/README
index 27c7501e4b..9247e8ef29 100644
--- a/README
+++ b/README
@@ -103,10 +103,17 @@ BIND 9.0.0b3
 		Bug fixes.  Most bugs reported against beta 2 have been
 		fixed.
 
-	Known bugs:
+	There are still some known bugs, including:
+
+		The random data used in generating DNSSEC keys and 
+		signatures contains a significant pseudorandom 
+		component and is therefore not cryptographically 
+		strong.  We do not recommend the use of keys generated
+		by the key generation tools in this distribution 
+		in production.
 
 		The option "query-source * port 53;" will not work as
-		expected. Instead of the wildcard address "*", you need 
+		expected.  Instead of the wildcard address "*", you need 
 		to use an explicit source IP address.
 
 	For a detailed list of user-visible changes since beta 2, see