On Wed, Jul 08, 2026 at 12:11:48PM -0700, Christian Huitema wrote:
> 
> Looking at the generic issue, I would have loved to find a more recent
> reference than RFC 4086, Randomness Requirements for Security.

Yeah, me, too (and I have for a long time).  That's why
https://www.rfc-editor.org/info/rfc8446/#appendix-C.1 (which davidben linked
earlier today) talks about "use an existing CSPRNG, like /dev/urandom" and only
mentions RFC 4086 if such things are unsatisfactory.

-Ben

_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to