[Standards-JIG] The Great Encryption Debate

Ian Paterson ian.paterson at clientside.co.uk
Thu Aug 4 12:37:59 UTC 2005


Hi Justin, thanks for all your pertinent feedback!

> what if the user is unable to publish new values prior to 
> logging off, such as in the event of a network outage (or 
> worse, some sort of attack) ?  It seems to me that the
> client should submit new values as soon as 
> possible, perhaps right after logging in.

Yes, another good point. :)

I think Bob should delete the published values as soon as he logs in.
[Of course he still needs to remember his securely stored values of y
and KID so he can decrypt any offline Esessions he receives.]

The reason I've held back on specifying that, is that Bob's presence
will be divulged to anyone who has access to the changes to his
published data. Ideally I'd like to avoid restricting offline Esessions
to entities that are subscribing to Bob's presence. But all the
'solutions' I've thought of compromise security. So, unless someone has
a brilliant idea about this, I guess the time has come to accept that
limitation?

- Ian




More information about the Standards mailing list