Madhav V <[email protected]> writes: > #2.Unlike desktop operating systems both the iOS and Android(latest > versions) OSs provide a mature application data sandboxing/protection > comparable to RAM on desktops*. When you said RAM only/persistent state, > did you mean to include the latest mobile OSs as well?
That's an interesting claim, but I bet most would consider it inaccurate. The persistent data (in flash) can be obtained with a long-term password, and that is exactly what isn't allowed under PFS. The point is that compromise of all long-term keying material (say next week) does not lead to the ability to decrypt today's conversations. It may be a slightly extreme view, but I think the group's position here is that if you don't have PFS, you don't really have confidentiality.
pgpabQRABqUFg.pgp
Description: PGP signature
_______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
