On 1/25/2016 7:41 PM, Bill Cox wrote:
I have low expectations for IoT vendors' TRNGs. When deadlines get
tight, good engineering on the TRNG is easy to drop. As long as they
whiten the output, it is very difficult to detect TRNG flaws, so there
is little incentive to put in much engineering.
On Mon, Jan 11, 2016 at 6:17 PM David Benjamin
wrote:
> In terms of getting rid of TLS 1.0 and TLS 1.1 altogether, we're seeing
> around 3% of connections using TLS 1.0 or TLS 1.1. That's quite high, and
> it's likely that enterprise deployments are much worse.
>
> I started gathering numbers on
