more forward secrecy

Eric Hughes hughes at ah.com
Tue Jul 26 10:44:02 PDT 1994


   But I leave nearly all PGP-encrypted messages to me in encrypted form,
   using the "decrypt to screen" option. So communicated and stored
   messages are largely the same.

This is exactly the situation I referred to yesterday.  It's extremely
common, I suspect.  Tim does it, I do it, and I've no reason to
believe that most people do it differently.

Keeping the messages around encrypted with your private key does _not_
have forward secrecy.  Forward secrecy is a valuable property, and it
behooves us to think about how to achieve it.

Eric






More information about the cypherpunks-legacy mailing list