|
|
|
|
|
|
by beermonster
1842 days ago
|
|
|
Yup that’s basically how it works. Usually when PFS is involved the keys are session based as opposed to using the same keypair for every session. This mitigates passive monitoring and future private key compromise/legal pressure permitting historic decryption of sniffed TLS sessions. |
|
|