Closed rikard-sics closed 1 year ago
Feedback from John during CoRE interim April 28: We should clarify what "lifetime of a Context"/"expiration of a Context" means. In particular, this refers to the Sender/Recipient keys used and the fact that they have "expired" and shall no longer be used.
Perhaps relevant.
The TLS 1.2 spec says: "An upper limit of 24 hours is suggested for session ID lifetimes, since an attacker who obtains a master_secret may be able to impersonate the compromised party until the corresponding session ID is retired."
Created by: Marco Tiloca
This can go again in Section 3.1.
The absolute time used as value of 'exp' has to be determined when locally installing the Security Context at time t_1, by adding a lifetime value to t_1. That lifetime can be a default value (possibly different between the two peers), or agreed in-band as part of the synchronized Security Context establishment (e.g. an OSCORE LwM2M object), or part of the used EDHOC Applicability Statement.
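The expiration rule described in the comments above (exp = t_1 + lifetime, with the lifetime either a local default or an agreed value, and expired keys refused in both directions), worked through as an added example that is not part of the thread or of the OSCORE/EDHOC drafts. It assumes an HMAC tag as a stand-in for OSCORE protection, a 24-hour default lifetime taken from the TLS 1.2 text quoted above, and constructed keys and timestamps; none of these are the specification's values.

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import Optional

# Fallback lifetime when nothing was agreed in-band or in an applicability
# statement. The 24h figure is an assumption borrowed from the TLS 1.2 quote.
DEFAULT_LIFETIME_S = 24 * 3600


class ContextExpired(Exception):
    """Raised when a Sender/Recipient key is requested at or after 'exp'."""


@dataclass
class SecurityContext:
    sender_key: bytes
    recipient_key: bytes
    installed_at: int  # t_1: absolute time (seconds) of local installation
    exp: int           # absolute expiration time = t_1 + lifetime

    @classmethod
    def install(cls, sender_key: bytes, recipient_key: bytes, t1: int,
                agreed_lifetime: Optional[int] = None,
                default_lifetime: int = DEFAULT_LIFETIME_S) -> "SecurityContext":
        # A lifetime agreed during context establishment (e.g. via an OSCORE
        # LwM2M object or an EDHOC applicability statement) wins over the
        # local default; 'exp' is fixed once, at installation time t_1.
        lifetime = agreed_lifetime if agreed_lifetime is not None else default_lifetime
        return cls(sender_key, recipient_key, t1, t1 + lifetime)

    def expired(self, now: int) -> bool:
        return now >= self.exp

    def _key(self, key: bytes, now: int) -> bytes:
        # Every key access goes through the expiration gate, so an expired
        # context can neither protect outgoing nor verify incoming messages.
        if self.expired(now):
            raise ContextExpired(f"context expired at {self.exp}, now {now}")
        return key

    def protect(self, payload: bytes, now: int) -> bytes:
        # Stand-in for OSCORE protection: HMAC-SHA256 tag under the Sender Key.
        key = self._key(self.sender_key, now)
        return payload + hmac.new(key, payload, hashlib.sha256).digest()

    def verify(self, message: bytes, now: int) -> bytes:
        # Stand-in for OSCORE verification: check the tag under the Recipient Key.
        key = self._key(self.recipient_key, now)
        payload, tag = message[:-32], message[-32:]
        expected = hmac.new(key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad tag")
        return payload


def exchange(sender: SecurityContext, recipient: SecurityContext,
             payload: bytes, now: int) -> str:
    """Attempt one protected message at time 'now' and report which side refused."""
    try:
        msg = sender.protect(payload, now)
    except ContextExpired:
        return "refused-by-sender"
    try:
        recipient.verify(msg, now)
    except ContextExpired:
        return "refused-by-recipient"
    return "accepted"


# Constructed keys and times for the demo; not real OSCORE key material.
K_CLIENT_SEND = bytes.fromhex("00" * 16)
K_SERVER_SEND = bytes.fromhex("ff" * 16)
T1 = 1_000_000

# Both peers install at the same t_1, but only the client applies an agreed
# lifetime; the server falls back to a shorter local default, so its 'exp'
# comes first and it starts rejecting messages the client still considers valid.
client = SecurityContext.install(K_CLIENT_SEND, K_SERVER_SEND, T1, agreed_lifetime=600)
server = SecurityContext.install(K_SERVER_SEND, K_CLIENT_SEND, T1, default_lifetime=300)

if __name__ == "__main__":
    for now in (T1 + 100, T1 + 400, T1 + 700):
        print(f"t_1+{now - T1:<4} {exchange(client, server, b'GET /temp', now)}")
```

The third run illustrates the point behind the "possibly different between the two peers" remark: when the two defaults differ, the peer with the earlier 'exp' effectively sets the lifetime of the whole context, since its refusal to use the Recipient Key makes the other peer's still-valid Sender Key useless.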