Hi Michael, While MT's comment might sound nitpicky, he's right in suggesting people use real PNRGs because we've already had collisions due to human-picked numbers in the past. The fact that quic-multipath made the same mistake doesn't make it best practice. (And FWIW I'm also guilty of having made that mistake in the past).
David On Tue, Oct 18, 2022 at 2:28 AM Michael Eriksson <michael.eriksson= [email protected]> wrote: > On Tue, Oct 18, 2022 at 11:13:24 +1100, Martin Thomson wrote: > > I see this in the draft: > > > > "TBD - experiments use 0xadda" > > > > I find it hard to believe that this value was chosen at random. > > Please consult a random number generator for these values. And - > > while you are developing proposals - larger values might be more > > appropriate. > > That was a pretty nitpicky comment... Have you read > draft-ietf-quic-multipath? The 0xbabaXX constants don't look very > random if you consider the affiliation of the first authors. > > Also, what is a "large" value? 0xadda is big enough to require a > 32-bit VarInt. > > /me >
