You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Encryption/decryption keys that are used by client and server may expire or revoked any time! Currently the system does not explicitly handles such situations, and most likely won't work on its own, which will require manual manipulation of keys on both client & server sides in case of such a case.
Proposition
Add a key revocation scheme and overwrite expired/revoked keys with fresh ones. (Related to Old Keys are not overwritten #6 )
Check whether the keys in drive are updated, remove old key (don't just blatantly import what's there)
Need to be careful about security weaknesses here, make it clear what are we assuming
Actively request fresh keys from either side. (which will require a daemon to listen and respond such requests)
Problem
Encryption/decryption keys that are used by client and server may expire or revoked any time! Currently the system does not explicitly handles such situations, and most likely won't work on its own, which will require manual manipulation of keys on both client & server sides in case of such a case.
Proposition