Howard Chu wrote:
You might argue that the MIT approach is more correct, but I would say that it's highly inconsistent, and inconsistency is highly undesirable in a security mechanism. For instance, by your thinking, if you decide that security contexts must all be invalidated whenever and wherever they are changed, then you also need to close all connections whenever somebody changes their password, because any sessions established with the old password must now be considered invalid.
Not at all. My password has no role in protecting that connection once it has been established.
No, but it allowed you to establish the connection in the first place. As such, by your logic, changing it should invalidate the connection.
Sorry, but this is rubbish. By your logic, if one joins a conspiratorial gathering using a secret password and is then told that in future there is a new secret passphrase, he would then be required to leave the room again and re-enter it using the new passphrase. There is absolutely no security value in this, just a small entertainment value perhaps.
Reestablishing expired encryption keys clearly has a security value, due to brute force issues on current connection keys.
But if somebody has brute-forced your initial shared secret to establish the connection and you have changed it in the meantime, he will not be any more able to establish a connection if you keep that old connection.
Bye Tim
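The distinction the thread is arguing over, as an added illustration that is not part of either poster's message: the password is a credential checked once at connection setup, while the connection itself is protected by a session key that is generated independently of the password. In this model (constructed here for illustration; the class, method names and the way the session key is handed out are assumptions, not any real protocol) a password change invalidates the credential for new connections but leaves existing sessions untouched, and session keys are rotated on their own schedule because their lifetime is what bounds brute-force exposure on the wire.

```python
import hashlib
import hmac
import os
import secrets


class Server:
    """Toy model: password verifies the client at connect time; each session
    then gets a fresh random key that has nothing to do with the password.
    In a real protocol the session key would come from a key exchange; here
    the server simply generates it, which is enough to show the point."""

    def __init__(self, password: str):
        self.salt = os.urandom(16)
        self.verifier = self._derive(password, self.salt)
        self.sessions: dict[str, bytes] = {}   # session id -> current session key

    @staticmethod
    def _derive(password: str, salt: bytes) -> bytes:
        # Slow hash so the stored verifier is not cheap to brute-force.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _check(self, password: str) -> bool:
        return hmac.compare_digest(self.verifier, self._derive(password, self.salt))

    def connect(self, password: str):
        """Authenticate once; on success establish a session with its own key."""
        if not self._check(password):
            return None
        session_id = secrets.token_hex(8)
        self.sessions[session_id] = secrets.token_bytes(32)  # independent of password
        return session_id, self.sessions[session_id]

    def change_password(self, old: str, new: str) -> bool:
        """Rotate the credential. Existing sessions are deliberately left alone:
        their keys were never derived from the password."""
        if not self._check(old):
            return False
        self.salt = os.urandom(16)
        self.verifier = self._derive(new, self.salt)
        return True

    def session_active(self, session_id: str) -> bool:
        return session_id in self.sessions

    def rekey(self, session_id: str) -> bytes:
        """Rotate the session key (the thing that actually protects traffic).
        Ratcheting through a one-way function means an attacker who later
        recovers the new key cannot go back to traffic under the old one."""
        old = self.sessions[session_id]
        new = hmac.new(old, b"rekey", hashlib.sha256).digest()
        self.sessions[session_id] = new
        return new


def demo() -> dict:
    """Walk through the scenario from the thread and report what happened."""
    srv = Server("hunter2")
    sid, key = srv.connect("hunter2")
    changed = srv.change_password("hunter2", "correct horse battery staple")
    return {
        "password_changed": changed,
        "old_password_still_connects": srv.connect("hunter2") is not None,
        "new_password_connects": srv.connect("correct horse battery staple") is not None,
        "old_session_survives": srv.session_active(sid),
        "rekey_changes_key": srv.rekey(sid) != key,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The two lifetimes are the ones the posters are conflating: the credential's (ended by `change_password`, so the old password no longer opens a new connection) and the session key's (ended by `rekey` or by tearing the session down). Dropping the session on a password change buys nothing, because the session key was never a function of the password; rotating the session key does, because that key is what an attacker on the wire is actually attacking.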