"Against Rekeying"
John Ioannidis
ji at tla.org
Wed Mar 24 19:58:16 EDT 2010
I think the problem is more marketing and less technology. Some
marketoid somewhere decided to say that their product supports rekeying
(they usually call it "key agility"). Probably because they read
somewhere that you should change your password frequently (another
misconception, but that's for another show).
Also, there's a big difference between rekeying communications protocols
and rekeying for stored data. Again, the marketoids don't understand
this. When I was working for a startup that was making a system which
included an encrypted file system, people kept asking us about rekeying,
because "everybody has it".
/ji
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list