On Wed, Dec 28, 2016 at 01:11:36PM +0000, Guballa Jens (ETAS-PSC/ECS) wrote:
> My understanding:
> A compromised long term key does not compromise captured future traffic =>
> forward secrecy (provided by (EC)DHE)
This is not correct. Forward-secrecy is the below, not the above.
> A compromised long term key does not compromise captured traffic from the
> past => backward secrecy (provided by HKDF-hash)
--
Viktor.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
