Re: [PHP-DEV] Re: [RFC][DISCUSSION] Session ID without hashing

2016-06-29 Thread Yasuo Ohgaki
Hi Stas,

On Wed, Jun 29, 2016 at 9:09 AM, Stanislav Malyshev wrote:
>
>> Concern has been discussed is risk of broken PRNG and predictable
>> session ID. We may insist any platform must have reliable PRNG, but it
>> would be good idea to have least mitigation. Reading extra bytes
>> should be goo

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Session ID without hashing

2016-06-29 Thread Pierre Joye
Hi :)

On Wed, Jun 29, 2016 at 7:09 AM, Stanislav Malyshev wrote:
> Hi!
>
>> Concern has been discussed is risk of broken PRNG and predictable
>> session ID. We may insist any platform must have reliable PRNG, but it
>> would be good idea to have least mitigation. Reading extra bytes
>> should be

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Session ID without hashing

2016-06-28 Thread Stanislav Malyshev
Hi!

> Concern has been discussed is risk of broken PRNG and predictable
> session ID. We may insist any platform must have reliable PRNG, but it
> would be good idea to have least mitigation. Reading extra bytes
> should be good enough for this purpose.

I still see no reason to change it stated i