On Fri, Jan 2, 2015 at 1:47 AM, carlo von lynX < [email protected]> wrote:
> Tony, I would like to challenge the idea of necessity of a "bootstrap > message" - that is to write to a person by either using her master > key or encrypting to all currently known keys. If you are in a social > relationship with that person you must have absolved a communication > bootstrap procedure (using QR codes, shared secrets, social graph > adoption or bluetooth handshake.. whatever) and thus you should be > having an ongoing ephemeral key for each person you talk to. Both > Briar and Pond use ephemerals once the communication is started. The > challenge in this case is rather to synchronize the ephemerals among > the devices, and that can be done with a pubsub channel link between > the devices. Doesn't that make sense? How do you handle network partitions? As a more specific example, how do you handle two devices which aren't ever necessarily on at the same time? Do you synchronize this ephemeral key via an always-on server of some sort? My larger question was about revocation though. If you've lost one of the devices containing your long-lived key, now what? Do you revoke it or not and if so, how do you synchronize the new key to all devices? Having a separate key per device makes revocation easier, as you can just revoke a device-specific key then go on your way. -- Tony Arcieri
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
