colecmac at protonmail.com colecmac at protonmail.com
Tue Jul 7 04:29:37 BST 2020
- - - - - - - - - - - - - - - - - - -
> Servers can still rotate key pairs without introducing the attack vector of
> expiring the old ones [2]. I just don't understand the advantage to
> key rotation + expiring the old keys vs. simple key rotation by itself.
Thanks for chiming in mozz!
How can a server rotate a keypair and prove it's still the same server as before, that there's not an MITM attack going on? This is a genuine question, I haven't heard much about key rotation for TLS before. Could you explain or send a link on how this works? I can't find much on it.

Thanks,
makeworld