Which TLS feature ensures past sessions can't be decrypted if the server's private key is later compromised?

1Certificate pinning
2OCSP stapling
3Forward secrecy via ephemeral key exchange✓ correct
4Extended Validation (EV) certificates
ECDHE/DHE generate a fresh key pair per session; the session keys are never derived from the long-term private key, so past captures can't be retroactively decrypted.

Forward Secrecy (PFS) via ephemeral key exchange (ECDHE/DHE).

References

MDN TLS

Practice this in the app →