At 02:16 PM 5/4/00 -0400, William Allen Simpson wrote:
>In response to Perry's editorial comment:
...
>Once the private RSA key is _destroyed_ PFS is attained.
Right. The thing is, usually you think in terms of generating a new key
for every communication session and then discarding the key at the end of
the session. This is a lot cheaper for Diffie-Hellman keys than for RSA
keys, but you can certainly do it in principle.
>Note that it is the inability to recover secret information that
>provides "perfect" forward secrecy, moving from "hard" to "impossible".
>[EMAIL PROTECTED]
> Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
--John Kelsey, [EMAIL PROTECTED]