Replying to Avatar HoloKat

I still think nsecs should be disposable. Instead of guarding it like your life depends on it, would be best to have an ability to recover via some sort of porting (when a key is created, have it delegate another recovery key or something). This way you don't need to be so careful and if one leaks, have the ability to recover from the other (at the same time delegating a new key).

What's wrong with this thinking? Am I overlooking something? Or is this just technically not possible?
Avatar
RamenCoffee 1y ago

I think the flaw in practice is that clients and relays need to be aware of the deprecation of a key. if it's a timed key, maybe doable.

But there's no garantee that, for instance, a stolen key won't be used for evil. The deprecation proof is not guaranteed to reach every client.

also, a timed deprecated key may still be used to sign back-dated notes which may or may not be a serious attack.

Reply to this note

Please Login to reply.

Discussion

No replies yet.