[IPsec] Issue #191 - The danger of predictable SPIs

2010-10-01 Thread Tero Kivinen
Yoav Nir writes:
> Alternatively it would simplify things immensely if we mandate that
> SPIs be random for implementations that support QCD (possibly only
> on the gateway side). Can we do it without having to "update RFC
> 4306"?

Yes, I think we can do that, as this is a requirement for only those

[IPsec] Issue #191 - The danger of predictable SPIs

2010-09-30 Thread Yoav Nir
Reported by Yaron Sheffer: 5.1: this method is indeed problematic if SPIi/SPIr pairs are repeated with high probability. If SPI pairs only repeat across reboots (somewhat unlikely), then an "epoch" (time of last reboot) value can be included to mitigate this problem. This is still close enough