| The algorithm I use is very simple -- I combine a variety of pieces of
| information (including parts of the current message, the local system
| name, the current date/time string, etc.) and feed the resulting very
| long string into a digital signature algorithm. Such an algorithm produces
| a 128-bit key as its output -- deducing an input string that would produce
| the same output is computationally infeasible. Digital signature algorithms
| are really very good, and there are a variety of ones to choose from (I
| think MD4 is good enough for this, but there is always MD5 if you are
| really paranoid). The resulting key is encoded into a printable form that's
| roughly 40 characters long.
No offense, but to me this sounds ridiculous. I really don't see
any reason to not use the boundary marking concept from RFC-934.
(I know RFC-XXXX hasn't had that for a long time).
Timo