<div dir="ltr">Noted and will follow up soon.<br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><br></div><div dir="ltr">Nadim Kobeissi<div>Symbolic Software <span style="color:rgb(84,84,84);font-size:small">• <a href="https://symbolic.software" target="_blank">https://symbolic.software</a></span></div><div><span style="color:rgb(84,84,84);font-size:small">Sent from office</span></div></div></div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr">On Fri, Sep 14, 2018 at 10:36 AM Justin Cormack <<a href="mailto:justin@specialbusservice.com">justin@specialbusservice.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Looking at KNpsk0 in Noise Explorer, the first message which is "psk, e" says<br>
<br>
"Message contents benefit from message secrecy and some forward<br>
secrecy: the compromise of the responder's long-term private keys,<br>
even at a later date, will lead to message contents being decrypted by<br>
the attacker."<br>
<br>
There isn't any forward secrecy in this message at all I don't think,<br>
so this seems a bit off to me.<br>
<br>
Also, it would be really nice if the wording could distinguish the psk<br>
keys and the private keys, as the "long-term private keys" above is<br>
actually referring to the psk, which is not a private key, and also<br>
could well have different lifecycle to the asymmetric keys, for<br>
example if it is a resumption key, and also unlike the private key is<br>
distributed to multiple parties, so is more likely to leak so calling<br>
out which key is being referred to would be helpful.<br>
<br>
Justin<br>
</blockquote></div>