core-wg / oscore-key-limits

Other
0 stars 0 forks source link

Recommend lifetime for a Security Context? #16

Open rikard-sics opened 1 year ago

rikard-sics commented 1 year ago

Shall we specify a recommended lifetime or leave it open?

Perhaps relevant:

The TLS 1.2 spec says: "An upper limit of 24 hours is suggested for session ID lifetimes, since an attacker who obtains a master_secret may be able to impersonate the compromised party until the corresponding session ID is retired."