[TLS] Re: rfc8446-bis CSPRNG

2025-02-09 Thread Martin Thomson
On Mon, Feb 10, 2025, at 17:48, Loganaden Velvindron wrote:
> This caught my attention:
>
>> [...] **such as /dev/urandom** [...]
>
> /dev/urandom is nice, but many OSes have adopted the getrandom()
> interface. The advantage is that you don't need an additional file
> description open and it can

[TLS] rfc8446-bis CSPRNG

2025-02-09 Thread Loganaden Velvindron
Hi All, This caught my attention: "TLS requires a cryptographically secure pseudorandom number generator (CSPRNG). In most cases, the operating system provides an appropriate facility such as /dev/urandom, which should be used absent other (e.g., performance) concerns. It is RECOMMENDED to use a

[TLS] PR #1372: HKDF label

2025-02-09 Thread Eric Rescorla
Hi folks, David Benjamin noticed that there was some vagueness in the TLS and DTLS specs about the exact prefix to use with HKDF-Expand-Label. The following PR attempts to clarify what I think we agree on, which is that extensions should use the label associated with the version of TLS they are b