I contact pointed me to the following: https://medium.com/asecuritysite-when-bob-met-alice/the-state-of-tls-ecdsa-nonce-reuse-1489ab86e488
The article is unclear if this is a TLS 1.2 and/or 1.3 problem. It does claim that 1.3 does not fix all problems with TLS.
It also seems this is a libraries implementation problem. Lack of care in nonce selection.
So I do need to get back to the person that is wanting to know, and I have come up empty in any other information on this problem.
Thanks! Bob _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
