On Fri, Jan 3, 2014 at 11:42 AM, coderman <coderman@gmail.com> wrote:
> use case is long term (decade+) identity ... key signs working keys tuned for speed with limited secret life span (month+).
i should have better clarified intent:

- long term keys are offline, otherwise better protected (for arbitrary degrees of "beyond the everyday level"). thwarting active attacks or chosen input attacks is explicitly intended.
- long term keys can be large, or slow, or demand elevated protections and blinding, or other mechanisms which aggravate to the point of disabling or calling too costly with respect to the working / short term keys. applying all reasonable protections is specifically intended.
- long term keys may be M of N threshold schemes for group or ceremony based attestations for other long term keys, working keys, or secure identifiers in general.

said another way, long term keys are specifically intended as trust anchors in public key systems of various types.

thanks all for the input that followed; i appreciate it!

best regards,
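The hierarchy described in this message, as an added example that is not part of the original post: a long-term key certifies a working key for a limited lifetime, and a verifier trusts only the long-term public key. Ed25519 for both keys, the 30-day lifetime, the certificate layout and the names `WorkingCert`, `Certify` and `Verify` are assumptions made for this sketch.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"time"
)

// WorkingCert is the long-term key's statement that WorkingPub is valid in a window.
type WorkingCert struct {
	WorkingPub          ed25519.PublicKey
	NotBefore, NotAfter int64  // Unix seconds
	Sig                 []byte // long-term key's signature over tbs()
}

// tbs returns the bytes the long-term key signs (layout constructed for this example).
func (c *WorkingCert) tbs() []byte {
	return []byte(fmt.Sprintf("working-key-v1|%x|%d|%d", c.WorkingPub, c.NotBefore, c.NotAfter))
}

// Certify is the only operation that touches the long-term private key.
func Certify(longTerm ed25519.PrivateKey, pub ed25519.PublicKey, from time.Time, life time.Duration) *WorkingCert {
	c := &WorkingCert{WorkingPub: pub, NotBefore: from.Unix(), NotAfter: from.Add(life).Unix()}
	c.Sig = ed25519.Sign(longTerm, c.tbs())
	return c
}

// Verify trusts only the anchor: certificate signature, then window, then message.
func Verify(anchor ed25519.PublicKey, c *WorkingCert, msg, sig []byte, now time.Time) error {
	if len(c.WorkingPub) != ed25519.PublicKeySize || !ed25519.Verify(anchor, c.tbs(), c.Sig) {
		return fmt.Errorf("working key not certified by long-term key")
	}
	if t := now.Unix(); t < c.NotBefore || t > c.NotAfter {
		return fmt.Errorf("working key outside its validity window")
	}
	if !ed25519.Verify(c.WorkingPub, msg, sig) {
		return fmt.Errorf("bad signature under working key")
	}
	return nil
}

func main() {
	anchor, longTerm, _ := ed25519.GenerateKey(nil) // long-term pair (Ed25519 assumed)
	wPub, wPriv, _ := ed25519.GenerateKey(nil)      // working pair
	now, msg := time.Now(), []byte("constructed sample message")
	cert, sig := Certify(longTerm, wPub, now, 30*24*time.Hour), ed25519.Sign(wPriv, msg)
	fmt.Println("in window:", Verify(anchor, cert, msg, sig, now))
	fmt.Println("expired:  ", Verify(anchor, cert, msg, sig, now.Add(60*24*time.Hour)))
}
```

Because the validity window is inside the signed bytes, extending `NotAfter` on a stored certificate invalidates the long-term signature, so only a new `Certify` call with the offline key can lengthen a working key's life.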