Greg Stark wrote:
> The server can just add the master secret into its RNG (along with other
> entropy of course). I don't think the extra steps of having the client pass
> more random bytes adds much if anything and requires this extra protocol to
> support and debug.
Be careful -- using the master secret as a key for an HMAC is one thing, but
using it directly seems like a BAD IDEA. See the protocol work done for
Public Key Security for Mobile IP -- ad hoc, off-the-cuff protocol design
is risky.
Cf. Bellare and Rogaway, et al.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]