On Thu, Jun 30, 2022 at 06:47:38AM -0400, tlhackque wrote:
> FWIW: Having watched the discussion about CONFIG_ANDROID, it occurs to 
> me that there's an alternative for WireGuard that sidesteps the issue.
>  From the last patcheset, it seems that the only use in WireGuard is to 
> avoid clearing keys on every wake-up.

No, it clears keys before sleeping.

> So: Why not timestamp key-clear events, and establish a minimum interval?

Because we don't know when we're going to wake up again, and the
objective is to maintain forward secrecy.


Reply via email to