Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://furry.engineer/users/soatok/statuses/113353418180959529">Soatok Dreamseeker (soatok@furry.engineer)'s status on Wednesday, 23-Oct-2024 07:33:05 JST</a><a href="https://furry.engineer/@soatok" title="soatok@furry.engineer"><img src="https://gnusocial.jp/avatar/34725-48-20230823231406.webp" width="48" height="48" alt="Soatok Dreamseeker" style="position: absolute; left: 0; top: 0;">Soatok Dreamseeker</a><div><a href="https://gnusocial.jp/notice/7559821" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/83194" title="jkmcnk@mastodon.social">jaKa Močnik</a></li><li><a href="https://gnusocial.jp/user/274913" title="feld@friedcheese.us">feld</a></li></ul></div></section><article><p><a href="https://friedcheese.us/users/feld" rel="nofollow noreferrer">@feld</a> <a href="https://chaos.social/@gsuberland" rel="nofollow noreferrer">@gsuberland</a> <a href="https://mastodon.social/@jkmcnk" rel="nofollow noreferrer">@jkmcnk</a> I think this is asking the wrong question</p><p>Building PFS into a protocol costs almost nothing and makes security proofs easier, simplifies analysis, and lets us focus on other areas of the attack surface.</p><p>PFS should be the default for any protocol designed after the 1990s, and any design that doesn't include it should justify their choice to exclude it, rather than the converse.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3865153#notice-7559962">In conversation</a><time datetime="2024-10-23T07:33:05+09:00" title="Wednesday, 23-Oct-2024 07:33:05 JST">about a month ago</time> <span>from <span><a href="https://furry.engineer/@soatok/113353418180959529" rel="external" title="Sent from furry.engineer via ActivityPub">furry.engineer</a></span></span><a href="https://furry.engineer/@soatok/113353418180959529">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Soatok Dreamseeker (soatok@furry.engineer)'s status on Wednesday, 23-Oct-2024 07:33:05 JSTSoatok Dreamseeker
in reply to
@feld @gsuberland @jkmcnk I think this is asking the wrong question
Building PFS into a protocol costs almost nothing and makes security proofs easier, simplifies analysis, and lets us focus on other areas of the attack surface.
PFS should be the default for any protocol designed after the 1990s, and any design that doesn't include it should justify their choice to exclude it, rather than the converse.
In conversationabout a month ago from furry.engineerpermalink

Public

Embed Notice

HTML Code

Corresponding Notice