Still time for Apr1 RFC reducing server_random and client_random in TLS handshake to 1 byte to disclose less internal state of the PRNG!
@BRIAN_____ @hillbrad Which (1) a counter would do just fine, (2) they are already of adequate length for.
@WatsonLadd @hillbrad It'd be good to settle whether anything but RSA key exchange requires random values instead of just nonces. rfc5705?
@BRIAN_____ @hillbrad Busted for anything not ECDHE because of bugs.