[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11-comment] Ephemeral key storage attribute
On 9/11/23 9:15 AM, Alan Braggins wrote:
My experience was that ephemeral keys are session keys. Bear in mind that a session object created in one session can be used in other sessions, so long as the session that created it remains open.(But re-using a temporary (EC)DH key across sessions will compromise forward secrecy guarantees.)
Regards,Alan
This s correct. For historical reasons Token == permanent and Session== ephemeral. The life of a session object is limited to the life of the session it was created on. A Token object will persist even passed library shutdown. (or machine power down).
bob
On Mon, 11 Sept 2023, 12:32 Brahmaji K, <brahmaji.k@gmail.com> wrote:
Dear PKCS11 group,
Which PKCS11 attribute to be used to represent the key is ephemeral key?
From all P11 specs, it is mentioned CKA_TOKEN only to represent whether the key is TOKEN key or SESSION key so wanted to know how the ephemeral key can be represented?
Thanks and Regards,Brahmaji K
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]