> I don't see any duplicate data here. The auth tag is moved from the > end of the payload into the 'key'. Moved. Not copied.
Although it's moved (not copied), it's still appended to each key, so you have sizeof(authTag)*numKeys instead of just sizeof(authTag). Doesn't matter too much, but it still adds to the overhead. For AE I don't see much of a reason to further encrypt the auth tag, is there something that came up in the audit about this? On Thu, Oct 6, 2016 at 1:53 PM, Sam Whited <s...@samwhited.com> wrote: > On Thu, Oct 6, 2016 at 3:24 PM, Chris Ballinger <ch...@chatsecure.org> > wrote: > > Daniel: > >> I think we should just store the last time we received a message from a > >> device and if that age is above a certain threshold we should stop > sending > >> messages to that device. A date in PEP can be manipulated by the server > >> admin. > > > > I like that idea. > > Me too, I take back my earlier (out-of-band) statement that if we're > going to have an expiration time we should also have an "issued at" > time. This way is better. > > > > Sam: > > > >> In XMPP at least this is already covered by doing a disco#info on the > >> device > > > > Oh good call. I see what Daniel was saying about users being tricked by > > nicknames though, so maybe it is best to omit it. > > Agreed. > > —Sam > > > > -- > Sam Whited > pub 4096R/54083AE104EA7AD3 > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: standards-unsubscr...@xmpp.org > _______________________________________________ >
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________