15 Aug
2018
15 Aug
'18
12:12 a.m.
[ again, thanks for an answer to the question asked ]
anyone using the timed key-chain stuff?
I’ve looked at it, hear it works, but not been willing to take the hit for any transition.
and i am not sure it meets my needs. i am not seeking privacy or pfs. i want roll-if-compromise. (and no, i do not want automated compromise heuristics, a recipe for death).
we need something that’s stable enough to last 5-7 years, which is very different from a HTTP transaction that may live only a few seconds.
something such as, or close to, rfc 4808? randy