On Mon, Jan 25, 2016 at 11:25 AM, Salz, Rich <rs...@akamai.com> wrote:
>> is/should, or they're going to have other problems.
>
> Really?
>
> Some high-value device that is rarely connected-to? Like a missile?

If you can't generate 256 random bits for use as a DH key or a client random, anyone can read the connection if they know what the random number generator actually produced. If you can produce 256 random bits, and the device maker was halfway competent, they should know how to turn 256 random bits into a computationally indistinguishable infinite stream of random bits. If your missile maker was not halfway competent at computer security, I can only hope the guidance engineers were of the same caliber.

> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

--
"Man is born free, but everywhere he is in chains".
--Rousseau.
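
The expansion step the message refers to, turning a 256-bit seed into an arbitrarily long pseudorandom stream, as an added example that is not part of the original post. It uses a SHA-256 HMAC_DRBG in the style of NIST SP 800-90A (a construction chosen here, not one the post names), without reseeding; the class name, the seed and the personalization string are constructed for illustration.

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG over SHA-256 (after NIST SP 800-90A), no reseed support."""

    MAX_REQUEST = 1 << 16  # bytes per generate() call (2^19 bits)

    def __init__(self, seed: bytes, personalization: bytes = b""):
        # The whole stream is only as unpredictable as this seed.
        if len(seed) < 32:
            raise ValueError("need at least 256 bits of seed entropy")
        self._k = b"\x00" * 32
        self._v = b"\x01" * 32
        self._update(seed + personalization)

    @staticmethod
    def _mac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        self._k = self._mac(self._k, self._v + b"\x00" + data)
        self._v = self._mac(self._k, self._v)
        if data:
            self._k = self._mac(self._k, self._v + b"\x01" + data)
            self._v = self._mac(self._k, self._v)

    def generate(self, n: int) -> bytes:
        if not 0 <= n <= self.MAX_REQUEST:
            raise ValueError("request too large for one call")
        out = b""
        while len(out) < n:
            self._v = self._mac(self._k, self._v)
            out += self._v
        # Ratchet (K, V) so a later state compromise does not reveal
        # output that was already handed out.
        self._update()
        return out[:n]


if __name__ == "__main__":
    # Constructed seed for the demo; a real device takes these 32 bytes
    # from its entropy source exactly once.
    seed = bytes(range(32))
    drbg = HmacDrbg(seed, personalization=b"example-device")
    client_random = drbg.generate(32)   # e.g. a TLS client random
    dh_private = drbg.generate(32)      # e.g. raw bytes for a DH private key
    print(client_random.hex())
    print(dh_private.hex())
```

Two instances built from the same seed produce the same stream, which is the first point of the message: whoever knows what the generator was seeded with can recompute every client random and DH key derived from it.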