more forward secrecy
Eric Hughes
hughes at ah.com
Tue Jul 26 10:44:02 PDT 1994
But I leave nearly all PGP-encrypted messages to me in encrypted form,
using the "decrypt to screen" option. So communicated and stored
messages are largely the same.
This is exactly the situation I referred to yesterday. It's extremely
common, I suspect. Tim does it, I do it, and I've no reason to
believe that most people do it differently.
Keeping the messages around encrypted with your private key does _not_
have forward secrecy. Forward secrecy is a valuable property, and it
behooves us to think about how to achieve it.
Eric
More information about the cypherpunks-legacy
mailing list