Taylor R Campbell <campbell+...@mumble.net> writes:

>    Date: Tue, 10 Nov 2015 16:15:58 -0500
>    From: Greg Troxel <g...@ir.bbn.com>
>
>    So it seems obvious that PFS is not a binary property; presumably the
>    keys are overwritten (seems hard with flash wear leveling) when new
>    messages happen, but there is a perhaps-months "short term key", vs a
>    maybe-years "long term key", and PFS or not becomes blurry.
>
> PFS is indeed not a binary property.  Aside from confusion arising
> from the loaded word `perfect' in `perfect forward secrecy', some
> people argue against using the term at all in favour of `key erasure',
> and of stating when the relevant keys are erased.

A fair point.

I would argue, though, that most people would consider that "PFS" is
only achieved when the keys that need to be erased are never written to
permanent storage.   So I'd add "where stored" to "when erased".

I personally am not confident that I can erase flash.


_______________________________________________
OTR-dev mailing list
OTR-dev@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
