target = "https://tools.ietf.org/rfc/rfc8446#C.1"

# C.1.  Random Number Generation and Seeding
#
# TLS requires a cryptographically secure pseudorandom number generator
# (CSPRNG).  In most cases, the operating system provides an
# appropriate facility such as /dev/urandom, which should be used
# absent other (e.g., performance) concerns.  It is RECOMMENDED to use
# an existing CSPRNG implementation in preference to crafting a new
# one.  Many adequate cryptographic libraries are already available
# under favorable license terms.  Should those prove unsatisfactory,
# [RFC4086] provides guidance on the generation of random values.
# 
# TLS uses random values (1) in public protocol fields such as the
# public Random values in the ClientHello and ServerHello and (2) to
# generate keying material.  With a properly functioning CSPRNG, this
# does not present a security problem, as it is not feasible to
# determine the CSPRNG state from its output.  However, with a broken
# CSPRNG, it may be possible for an attacker to use the public output
# to determine the CSPRNG internal state and thereby predict the keying
# material, as documented in [CHECKOWAY].  Implementations can provide
# extra security against this form of attack by using separate CSPRNGs
# to generate public and private values.

[[spec]]
level = "SHOULD"
quote = '''
It is RECOMMENDED to use
an existing CSPRNG implementation in preference to crafting a new
one.
'''