Thanks Jakob. But still, it is not clear to me.
If the server random is not present, a malicious user can copy all the messages
from the client and can replay them multiple times, leading to a DoS attack. But
even if the client random is not present, I believe an attacker cannot replay
messages from the server side as

On 2/5/2013 12:05 PM, Thulasi wrote:
Hello all,
** This is not regarding OpenSSL software but about the protocol in
general.
I am trying to understand the use of the 32-byte (4-byte data + 28-byte rand)
client random which is part of the Client Hello. I understand that the Server
Random is required to avoid