On 17.03.26 17:27, Eric Rescorla wrote:
I'll add that *all* proofs to my knowledge are based on /freshly/ generated keys at /both/ endpoints for /each/ connection. Implementations which do not follow that actually do not enjoy these proofs, because that needs additional logic in the state machine to cover the code for reuse. It is trivial to implement this requirement: just generate a fresh key for each connection. In fact, it is more work to not implement it.
Best regards, -Usama
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
