lsd0012

LSD0012: CORE Authenticated Key Exchange (CAKE)
Log | Files | Refs
commit 781565d4f265d8a44fdec054c917e698e7871d2c
parent 6ccfe9c9b60940920dc6ce5df5e45c7a8f8573eb
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Wed, 13 Nov 2024 09:05:15 +0100

delete old secrets

Diffstat:

Mdraft-schanzen-cake.xml | 1+


1 file changed, 1 insertion(+), 0 deletions(-)

diff --git a/draft-schanzen-cake.xml b/draft-schanzen-cake.xml
@@ -343,6 +343,7 @@ nonce = HKDF-Expand ([I,R][A,H]TS, "iv", 12)
         </figure>
         <t>
           When a peer wants to update keys, it sends a key update message <xref target="key_update_msg"/>.
+          Implementations <bcp14>SHOULD</bcp14> delete old traffic secrets and their derived keys.
         </t>
     </section>
     <section anchor="wire_formats" numbered="true" toc="default">