[Standards-JIG] RE: Encrypted sessions
ian.paterson at clientside.co.uk
Thu Jun 8 03:18:01 UTC 2006
> The JEP-116 without "offline encryption"
> will be even more secure, because there won't be any inter
> session key material left to be compromised. This is what
> real Perfect Forward Secrecy is about.

Since the alternative is no encryption of offline messages, it could
hardly be "even more secure". ;-)

Offline messages would still benefit from Perfect Forward Secrecy,
although PFS would not start until the user came online.

> The added complexity comes in the management of crypto material
> sessions (check, remove, add, etc...) just for the sake of
> "offline encryption". Without this part, JEP-116
> implementation is straightforward. Is the added complexity
> worth the effort?

IMHO yes, absolutely (see above).

Note that offline encryption is already optional (MAY), so implementors
can decide for themselves.

If it makes it easier for implementors I suppose we could consider
splitting the document into two JEPs?

After all, online-only encryption is better than no encryption at all.