[messaging] Multiple devices and key synchronization: some thoughts
David Gil
dgil at yahoo-inc.com
Sat Jan 3 16:23:48 PST 2015
On Saturday, January 3, 2015 7:27 AM, Ben Harris <mail at bharr.is> wrote:
> (3) All devices have device-specific decryption-involved keys, and a
> master device uses a signing key to authorize subordinate devices.
> An ID based cryptography scheme might make this more manageable.
> An identity/user has a master key,
Who would have/use the master key?
On Friday, January 2, 2015 10:55 AM, carlo von lynX <lynX at i.know.you.are.psyced.org> wrote:
> As I described before in our current plan the long-lived key is not
> supposed to be in memory anywhere. You use it to generate each device's
> keys, you print it out on a sheet of paper, then wipe computer memory.
This is a terrible cost to usability. Though it provides substantial
crypto-world benefits to security, it's unclear that it provides any
real-world benefits. (It encourages people to not rotate keys...)
More information about the Messaging
mailing list