Re: Re: Comments re ISC's announcement on bind9 security
Given the extremely small amount of space for randomization (16-bit query ID's) does a cryptographically strong PRNG really make difference? Aside from stopping an easy prediction, doesn't it just generate a little extra work for a determined malicious individual?
Seems to be a moot point to me---whether the PRNG is cryptographically weak or not because of the small sequence number space.
-ntn
討論串 (同標題文章)
完整討論串 (本文為第 5 之 11 篇):