On Wed, Sep 25, 2013 at 11:38 PM, coderman <[email protected]> wrote:
>...
> the key is to re-key so frequently there is never a significant volume
> transferred under the same symmetric key.

this also is useful for constraining the duration of an authenticated session. if you must "attest" to the authenticated status of an entity at a frequent interval, the use of a panic button or other key zeroisation / session abort mode becomes much more useful and actionable, denying access to the protected resource within milliseconds of a "panic" event occurring. this is another long tangent for another day...
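
The two ideas in this message (frequent re-keying and a frequently renewed attestation with a panic mode) can be combined in one session object. The sketch below is an added example, not part of the original message; `Session`, `ratchet`, `peer_tag`, the HMAC-SHA256 construction and the caller-supplied millisecond clock are all assumptions made for illustration.

```python
import hashlib
import hmac

def ratchet(key: bytes) -> bytes:
    # One-way step: the next key cannot be run backwards to the previous one.
    return hmac.new(key, b"rekey", hashlib.sha256).digest()

def peer_tag(key: bytes, epoch: int) -> bytes:
    # What the peer sends to attest that it still holds the current key.
    return hmac.new(key, b"attest|%d" % epoch, hashlib.sha256).digest()

class Session:  # hypothetical name; time is passed in as integer milliseconds
    def __init__(self, root_key, lease_ms, max_bytes, now_ms):
        self._key = bytearray(root_key)      # mutable so it can be overwritten
        self.lease_ms, self.max_bytes = lease_ms, max_bytes
        self.expires_ms = now_ms + lease_ms
        self.sent, self.epoch = 0, 0

    def alive(self, now_ms):
        return self._key is not None and now_ms < self.expires_ms

    def panic(self):
        # Best-effort zeroisation: Python may hold other copies of key bytes.
        if self._key is not None:
            for i in range(len(self._key)):
                self._key[i] = 0
        self._key = None

    def attest(self, tag, now_ms):
        # A late or wrong attestation aborts the session instead of renewing it.
        if not self.alive(now_ms):
            self.panic()
            return False
        if not hmac.compare_digest(tag, peer_tag(bytes(self._key), self.epoch)):
            self.panic()
            return False
        self._key[:] = ratchet(bytes(self._key))   # re-key on every attestation
        self.epoch += 1
        self.sent = 0
        self.expires_ms = now_ms + self.lease_ms
        return True

    def send(self, n_bytes, now_ms):
        # Refuse once the lease lapsed or the per-key volume cap would be exceeded.
        if not self.alive(now_ms) or self.sent + n_bytes > self.max_bytes:
            return False
        self.sent += n_bytes
        return True
```

With a lease of a few tens of milliseconds, a missed attestation or a call to `panic()` cuts off `send()` within one lease interval, and no key ever protects more than `max_bytes`.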
