Client keys can either be generated using a random generator by the RMW itself, or configured by the application. An application could still use a random key, or a static one. The static one could be based on some piece of information that identifies the hw platform fi, or using some other algorithm.
I'm wondering if there are any known downsides to using a (semi)static key. Collisions can be avoided by making sure to use sufficiently unique keys, but from a security perspective, using a random one might actually be preferable perhaps (I don't know whether something like a replay attack is possible with Micro-XRCE DDS, but having something which identifies a client being static seems like it could make those easier).
Not so much an issue, as a question.
Client keys can either be generated using a random generator by the RMW itself, or configured by the application. An application could still use a random key, or a static one. The static one could be based on some piece of information that identifies the hw platform fi, or using some other algorithm.
I'm wondering if there are any known downsides to using a (semi)static key. Collisions can be avoided by making sure to use sufficiently unique keys, but from a security perspective, using a random one might actually be preferable perhaps (I don't know whether something like a replay attack is possible with Micro-XRCE DDS, but having something which identifies a client being static seems like it could make those easier).