> There are a variety of use of random numbers in QUIC, and I thought of those > as risks of leaking the state of the crypto random generator, and thus > enabling attacks on that generator and eventually risking exposing the > cryptographic state.
FWIW, OpenSSL does the same thing with an API for random bytes (RAND_bytes), and a separate one for when they’re going to be used in key material (RAND_priv_bytes)
