Loosely on topic, there is this recent blog entry from Twitter on what
they did to implement Forward Security:
https://blog.twitter.com/2013/forward-secrecy-at-twitter-0
The main point seems to be that they dynamically rotate through SSL
session keys and try to avoid storing them anywhere long-term.
They in turn cite:
Imperial Violet "How to botch TLS forward secrecy"
https://www.imperialviolet.org/2013/06/27/botchingpfs.html
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
