CONFIG_ANDROID
Jason A. Donenfeld
Jason at zx2c4.com
Thu Jun 30 11:41:43 UTC 2022
On Thu, Jun 30, 2022 at 06:47:38AM -0400, tlhackque wrote:
> FWIW: Having watched the discussion about CONFIG_ANDROID, it occurs to
> me that there's an alternative for WireGuard that sidesteps the issue.
>
> From the last patcheset, it seems that the only use in WireGuard is to
> avoid clearing keys on every wake-up.
No, it clears keys before sleeping.
>
> So: Why not timestamp key-clear events, and establish a minimum interval?
Because we don't know when we're going to wake up again, and the
objective is to maintain forward secrecy.
Jason
More information about the WireGuard
mailing list