[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.] -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Eric writes:
someone (Alex Strasheim ?) writes: Perhaps we would have a default web, which would have everyone's key in it.
This is a really bad idea. Some "public" keys should not be made public, but rather revealed only to the correspondent. Forward secrecy is the reason. If the public key has never been in the possession of an opponent, and assuming the results of the public key operation yield little or no information about the modulus, then when the keys are changed and destroyed, no amount of factoring can find the private key because the public key isn't around to factor.
If you're not going to make the public key public, why use public key cryptography at all ? Save time and effort and use a symmetric cipher. - - -L. Futplex McCarthy; PGP key by finger or server "Don't say my head was empty, when I had things to hide...." --Men at Work - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLt6Eq2f7YYibNzjpAQGIJQQAvKd0jyHXkaNfXp787EXQl/dXMYUXz8dB dF9NF9tiYp761ZwtkeKOoASZGYWvygO+8nseE/1pFz9Gns1XkUM0uyHvg4nvgIWj CJHtVsbV2rtRFZfIjDwD3wqsfRTRms5JvFcRpUsOSKol93hcabnIf3Vx9EAdIUSv hEtvQUBhzKY= =3yjE - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQBFAwUBLt6F9SoZzwIn1bdtAQFUvwGAhbycPCwIjZGjGeNMWkgnxQUJw6v2RpU3 Z2hvAV6sSiz3+wyLlkR+Nz9nTgRHqjWT =RaG/ -----END PGP SIGNATURE-----