bifurcation
commented
4 years ago - [X] Remove blanking of nodes on Add (*)
- [X] Change epoch numbers to uint64 (*)
- [x] Add PSK inputs (*)
- [x] Add key schedule exporter (*)
- [x] Sign the updated direct path on Commit, using "parent hashes" and one signature per leaf (*)
- [x] Use structured types for external senders (*)
- [X] Redesign Welcome to include confirmation and use derived keys (*)
- [x] Remove ignored proposals (*)
- [x] Always include an Update with a Commit (*)
- [x] Add per-message entropy to guard against nonce reuse (*)
- [x] Use the same hash ratchet construct for both application and handshake keys (*)
- [x] Add more ciphersuites
- [x] Use HKDF to derive key pairs (*)
- [x] Mandate expiration of ClientInitKeys (*)
- [x] Add extensions to GroupContext and flesh out the extensibility story (*)
- [x] Rename ClientInitKey to KeyPackage