As discussed at the RTCWEB interim: Executive summary: use a CSPRNG to generate CNAMEs. -Ekr _______________________________________________ Audio/Video Transport Core Maintenance avt <at> ietf.org https://www.ietf.org/mailman/listinfo/avt
Good start.
As discussed at the RTCWEB interim:
Executive summary: use a CSPRNG to generate CNAMEs.
-Ekr
_______________________________________________
Audio/Video Transport Core Maintenance
avt <at> ietf.org
https://www.ietf.org/mailman/listinfo/avt
_______________________________________________ Audio/Video Transport Core Maintenance avt <at> ietf.org https://www.ietf.org/mailman/listinfo/avt
On Mon, Jul 9, 2012 at 2:51 PM, Kevin Gross <kevin.gross <at> avanw.com> wrote: > Good start. > > Please consider referencing to RFC 4086. > > Kevin Gross > +1-303-447-0517 > Media Network Consultant > AVA Networks - www.AVAnw.com, www.X192.org > > > On Mon, Jul 9, 2012 at 1:24 PM, Eric Rescorla <ekr <at> rtfm.com> wrote: >> >> As discussed at the RTCWEB interim: >> >> >> Executive summary: use a CSPRNG to generate CNAMEs. >> >> -Ekr >> _______________________________________________ >> Audio/Video Transport Core Maintenance >> avt <at> ietf.org >> https://www.ietf.org/mailman/listinfo/avt > > I meant to. Turns out that RFC 4096 and RFC 4086 are not the same thing. Doh! -Ekr _______________________________________________ Audio/Video Transport Core Maintenance avt <at> ietf.org https://www.ietf.org/mailman/listinfo/avt
[limiting replies to avt, since this is about details] On 9 Jul 2012, at 20:24, Eric Rescorla wrote: > As discussed at the RTCWEB interim: > > Executive summary: use a CSPRNG to generate CNAMEs. Section 2.1 says: "The timestamp (from the RTP header) to within a few seconds. With a typical 100 ticks/second clock, this represents about 10 bits of entropy at most (and potentially more like 2-3 bits)". The RTP timestamp has a random initial value, and typically ticks at either 8kHz or 90kHz. It's not a wall clock. There's more entropy here than supposed. -- -- Colin Perkins http://csperkins.org/ _______________________________________________ Audio/Video Transport Core Maintenance avt <at> ietf.org https://www.ietf.org/mailman/listinfo/avt
On Wed, Jul 11, 2012 at 5:00 AM, Colin Perkins <csp <at> csperkins.org> wrote: > [limiting replies to avt, since this is about details] > > On 9 Jul 2012, at 20:24, Eric Rescorla wrote: >> As discussed at the RTCWEB interim: >> >> Executive summary: use a CSPRNG to generate CNAMEs. > > > Section 2.1 says: "The timestamp (from the RTP header) to within a few seconds. With a typical 100 ticks/second clock, this represents about 10 bits of entropy at most (and potentially more like 2-3 bits)". The RTP timestamp has a random initial value, and typically ticks at either 8kHz or 90kHz. It's not a wall clock. There's more entropy here than supposed. Sorry, RTCP NTP timestamp. -Ekr _______________________________________________ Audio/Video Transport Core Maintenance avt <at> ietf.org https://www.ietf.org/mailman/listinfo/avt
RSS Feed