[cryptography] DeCryptocat

Nadim Kobeissi nadim at nadim.cc
Fri Jul 5 01:12:25 EDT 2013


On 2013-07-05, at 6:59 AM, Cool Hand Luke <coolhandluke at coolhandluke.org> wrote:

> Signed PGP part
> On 07/05, Nadim Kobeissi wrote:
> > On 2013-07-05, at 3:15 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> > > Has there been a rotation of the certificate and keying material for
> > > all services that serve CryptoCat chat traffic?
> > 
> > Rest assured we're working on it as an extra precaution (as mentioned
> > in the blog post). Also, our services use SSL forward secrecy.

Just an update that we've finished rotating the SSL keys:
https://twitter.com/cryptocatapp/status/353018036510404608

> 
> any chance that you'll be using an hsm (preferably) or a smart card (at
> the least) for generation and storage?

An EntropyKey is used, but no other special hardware is employed.
Aside from this, typical precautions are taken.

NK

> 
> - -chl
> 
> - --
> cool hand luke
> 
> 
> 
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130705/146c0184/attachment.asc>


More information about the cryptography mailing list