At a high level, this isn't my project and I would look towards the maintainers to provide guidance about the direction they want to go. 

However, 

In my opinion, this is a debate on Security vs Compatibility. I'm biased more towards security, and I've tried to make it easy for a platform to understand what is happening with `PcdEnforceSecureRngAlgorithms` . If we default to `default` the platform never has the chance to understand what Rng Algorithms they provide and if that is a problem for them. Default is obviously the most compatible but it's also the one that may or may not be backed by something insecure. Which is why I would prefer if a platform acknowledges that they know it's backed by something secure or if not its an active decision. 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118824): https://edk2.groups.io/g/devel/message/118824
Mute This Topic: https://groups.io/mt/106013302/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-