[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed message on perfect forward security

>On the other hand, many other applications have no strong requirement for
>perfect forward security. Examples of these fall generally into that class

But this is not an argument against mechanisms that do provide perfect
forward secrecy unless you can *prove* that the extra cost is
unacceptable. As CPUs get faster, the authors of modexp routines get
smarter, and the IPSEC group gets older, I find it increasing hard to
justify developing lots of different algorithms.  I'd much prefer to
do one for the most general case and leave it at that.