We'd like the server random and consumer random to forestall replay attacks that an attacker can seize the past session and replay it for the new session.The session critical is never transmitted in the least: it's recognized via a safe essential negoatiaon algorithm. Remember to check your info in advance of posting nonsense such as this. RFC 2246