[mlissner]

We’re familiar with vulnerability disclosure philosophies, but what if the problem can’t be fixed because there’s no forward secrecy for the hundreds of millions of documents that are already out there?

It’s tricky stuff and we have limited resources, unfortunately.

[btreecat]

>, but what if the problem can’t be fixed because there’s no forward secrecy for the hundreds of millions of documents that are already out there?

What if you are not the only folks who have found and exploited this vulnerability?

You can play the "what if" game to justify not doing the right thing all day long, when really it should be one "if" that guide you. What if someone else found this?

[opello]

So what is the state of the art in redaction? Re-publish the document with an insert that says [redaction] so that no (or maybe minimal) length side-channel exists? I imagine someone thinks about clever ideas and it would be fun to read about them and the trade-offs.