If I have a shared secret ratchet going on, and I send something encrypted with secret 1, I can't get rid of secret 1, can I? I need to wait until the peer sends me something encrypted with secret 2, before I know we've both gone past secret 1. But waiting is dumb. If I want to send multiple messages in a row, can't I continue using secret 1? Usually I'll just wait for a reply, but just if there are, like, updates or typos, or something.
I can't think of a scenario where I'd send a message, and then send another one, and the first would be more incriminating than the second. Worst comes to worst I could have a special "Abort" message that says I threw away all secrets because I sent a message I regret. But if the Abort message itself is lost and never delivered... Sorry, this is really confusing me. Because if I send S1(M1) then discard S1 for S2, with unreliable delivery, S1(M1) might never reach you, so when you wanted to send me a message you'd use S1 too, and I wouldn't be able to decrypt it anymore. But if I hold onto S1, and only discard it when you use S2 or S3, then we won't have to re-establish the conversation, in a way that seems much easier to monitor than the reuse of a shared secret.
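The dilemma in the post comes from one shared secret being used in both directions. An added worked example (my code, not the poster's, and not any particular library's) showing how the symmetric-key ratchet in Signal's Double Ratchet sidesteps it: each direction gets its own KDF chain, every message carries its chain index, the sender forgets a chain secret the moment it has used it (it never needs to decrypt its own traffic), and the receiver parks only the message keys of indices it has not yet seen, in a bounded store, so a lost or late message neither stalls the chain nor forces it to be re-established. State is committed only after the tag verifies. The root secret, labels, `MAX_SKIP` value and the HMAC-SHA256 counter-mode cipher are assumptions chosen to keep the example dependency-free; use a real AEAD in anything that matters.

```python
import hashlib
import hmac

# Added example: toy symmetric-key ratchet with per-direction chains.
# Cipher is HMAC-SHA256 counter mode plus encrypt-then-MAC, an assumption
# made only to stay dependency-free; a real system would use an AEAD.


def kdf(secret: bytes, label: bytes) -> bytes:
    return hmac.new(secret, label, hashlib.sha256).digest()


def keystream(key: bytes, length: int) -> bytes:
    out, block = b"", 0
    while len(out) < length:
        out += kdf(key, b"ks" + block.to_bytes(4, "big"))
        block += 1
    return out[:length]


def encrypt(mk: bytes, index: int, plaintext: bytes) -> bytes:
    header = index.to_bytes(4, "big")  # chain index travels in the clear
    body = bytes(a ^ b for a, b in zip(plaintext, keystream(kdf(mk, b"enc"), len(plaintext))))
    tag = hmac.new(kdf(mk, b"mac"), header + body, hashlib.sha256).digest()
    return header + body + tag


def decrypt(mk: bytes, msg: bytes) -> bytes:
    header, body, tag = msg[:4], msg[4:-32], msg[-32:]
    expect = hmac.new(kdf(mk, b"mac"), header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("bad tag")
    return bytes(a ^ b for a, b in zip(body, keystream(kdf(mk, b"enc"), len(body))))


class SendChain:
    """Sender: derive key n, step the chain, forget the old chain secret.
    The sender never decrypts its own messages, so it retains nothing."""

    def __init__(self, secret: bytes):
        self.secret, self.n = secret, 0

    def send(self, plaintext: bytes) -> bytes:
        mk = kdf(self.secret, b"msg")
        self.secret = kdf(self.secret, b"chain")  # key for index n is now gone here
        msg = encrypt(mk, self.n, plaintext)
        self.n += 1
        return msg


class RecvChain:
    """Receiver: step to the index in the header, parking message keys of
    earlier not-yet-seen indices (bounded) so late messages still decrypt."""

    MAX_SKIP = 64  # assumed bound; caps the store a forged header can grow

    def __init__(self, secret: bytes):
        self.secret, self.n, self.skipped = secret, 0, {}

    def receive(self, msg: bytes) -> bytes:
        i = int.from_bytes(msg[:4], "big")
        if i in self.skipped:  # late arrival of an earlier message
            pt = decrypt(self.skipped[i], msg)  # verify before touching state
            del self.skipped[i]  # one-time use: a replay of it now fails
            return pt
        if i < self.n:
            raise ValueError(f"index {i} already consumed: replay or duplicate")
        if i - self.n > self.MAX_SKIP:
            raise ValueError("too many skipped messages")
        # Work on copies; commit only if the tag verifies, so a forged header
        # cannot advance or burn our chain state.
        secret, skipped = self.secret, dict(self.skipped)
        for j in range(self.n, i):
            skipped[j] = kdf(secret, b"msg")
            secret = kdf(secret, b"chain")
        pt = decrypt(kdf(secret, b"msg"), msg)
        self.secret, self.n, self.skipped = kdf(secret, b"chain"), i + 1, skipped
        return pt


def session(root: bytes):
    """Two peers; each owns one send chain and the other's receive chain."""
    a2b, b2a = kdf(root, b"A->B"), kdf(root, b"B->A")
    return (SendChain(a2b), RecvChain(b2a)), (SendChain(b2a), RecvChain(a2b))


def simulate() -> dict:
    root = hashlib.sha256(b"constructed shared secret, not a real key").digest()
    (a_send, a_recv), (b_send, b_recv) = session(root)
    m0 = a_send.send(b"first")  # will be delayed on the wire
    m1 = a_send.send(b"second")
    m2 = a_send.send(b"typo fix")  # several messages in a row, no reply needed
    r = {}
    r["m1"] = b_recv.receive(m1)  # Bob jumps to index 1 and parks key 0
    r["m2"] = b_recv.receive(m2)
    r["skipped_before"] = sorted(b_recv.skipped)
    r["m0_late"] = b_recv.receive(m0)  # the delayed message still decrypts
    r["skipped_after"] = sorted(b_recv.skipped)
    try:
        b_recv.receive(m1)
        r["replay"] = "accepted"
    except ValueError:
        r["replay"] = "rejected"
    m3 = a_send.send(b"third")
    tampered = m3[:4] + bytes([m3[4] ^ 1]) + m3[5:]  # flip one ciphertext byte
    try:
        b_recv.receive(tampered)
        r["tampered"] = "accepted"
    except ValueError:
        r["tampered"] = "rejected"
    r["m3"] = b_recv.receive(m3)  # state was not burned by the forgery
    r["reply"] = a_recv.receive(b_send.send(b"got them"))  # Bob's own chain
    return r


if __name__ == "__main__":
    print(simulate())
```

The run shows the three points the post circles around: Alice can discard each sending secret immediately and still send several messages in a row; Bob holds a parked message key (not the chain secret) for the lost index 0 and drops it once that message arrives or the bound is exceeded; and Bob's reply uses his own chain, so whether Alice still has S1 never matters.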
