Closed pierre-l closed 1 year ago
It sure seems odd to me for SharedSecret
to be serializable. Its purpose is to be established without ever being transmitted over the wire.
I’m not sure what use cases you have in mind, but in pretty much any of them I would think it makes more sense to derive some other value from the SharedSecret
first before transmitting it over the wire, which allows it to be bound to a particular application. That’s how e.g. TLS 1.3 session resumption works, for example.
To be frank I'm not 100% sure I will need this, but even if I do it will not exactly be transmitted over the wire. I'll get back to you once I get a more expert opinion on the exact use case.
I'm closing this until I get more details on the exact use case.
Hello!
All is in the title: I'd like for
SharedSecret
to be (de)serializable. Is this fine?