On Saturday, January 3, 2015 7:27 AM, Ben Harris <[email protected]> wrote: > (3) All devices have device-specific decryption-involved keys, and a > master device uses a signing key to authorize subordinate devices. > An ID based cryptography scheme might make this more manageable. > An identity/user has a master key,
Who would have/use the master key? On Friday, January 2, 2015 10:55 AM, carlo von lynX <[email protected]> wrote: > As I described before in our current plan the long-lived key is not > supposed to be in memory anywhere. You use it to generate each device's > keys, you print it out on a sheet of paper, then wipe computer memory. This is a terrible cost to usability. Though it provides substantial crypto-world benefits to security, it's unclear that it provides any real-world benefits. (It encourages people to not rotate keys...) _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
