In some cases, the secrets are already generated by other means and not always freshly generated.
we assume that secrets are sampled uniformly at random using
a cryptographically secure pseudorandom number generator (CSPRNG);
see RFC4086 for additional guidance on the generation of random numbers.
In some cases, the secrets are already generated by other means and not always freshly generated.