On Fri, Jul 28, 2017 at 01:37:33PM +, Dan Brown wrote:
>
> Finally, on systems with a linux-style interface, /dev/urandom and
> /dev/random could be used as the two CSPRNGs on some systems (or
> seed sources), although I think one of these is now deprecated?
You do not want to use
On Friday, 28 July 2017 14:45:40 CEST Benjamin Kaduk wrote:
> On 07/28/2017 07:41 AM, Hubert Kario wrote:
> > (looking at -21)
> >
> > Section 4.2.10.2 PSK binder refers to ClientHello1[truncated] as the value
> > that needs to be used as parameter to Transcript-Hash.
> >
> > Neither 'truncated'
I try below to better explain my points against separated public and private
CSPRNG instances.
Perhaps the easiest way to get "independent" seeds for the two instances of a
CSPRNG is to use a third CSPRNG instance to generate the seeds. But then the
problem arises again, if the 3 CSPRNGs
On 07/28/2017 07:41 AM, Hubert Kario wrote:
> (looking at -21)
>
> Section 4.2.10.2 PSK binder refers to ClientHello1[truncated] as the value
> that needs to be used as parameter to Transcript-Hash.
>
> Neither 'truncated' nor 'ClientHello1' are formally defined.
>
> ClientHello1 can be guessed
(looking at -21)
Section 4.2.10.2 PSK binder refers to ClientHello1[truncated] as the value
that needs to be used as parameter to Transcript-Hash.
Neither 'truncated' nor 'ClientHello1' are formally defined.
ClientHello1 can be guessed (given text in 4.4.1) as the first ClientHello
that the
On 07/28/2017 06:59 AM, Martin Thomson wrote:
> Just doing some code review and noticed that we don't allocate a value
> for a NamedGroup of 0. Knowing the morass of code out there that does
> TLS, this is probably used as a sentinel value of some sort somewhere
> (the code I was reviewing did
Just doing some code review and noticed that we don't allocate a value
for a NamedGroup of 0. Knowing the morass of code out there that does
TLS, this is probably used as a sentinel value of some sort somewhere
(the code I was reviewing did exactly that).
Can we reserve this value?
Hiya,
On 28/07/17 00:50, Eric Rescorla wrote:
> I used the term "separate" here, which was intended to convey this, but if
> people think "independent" or something is better, happy to change.
I think your change is a fine improvement over -21, thanks.
(And my suggested text was as imperfect as