You know coincidentally we (the three authors of that paper) were just talking about that very topic in off-list (and PGP encrypted:) email.
I remain keen on forward-secrecy, and it does seem to be in fashion again right now. Personally I think we in the open community need to up our game an order of magnitude. We thought we won the last crypto wars when mandatory key escrow was abandoned, and US crypto export regs basically scrapped. But it turns out instead they just went underground and sabotaged everything they could gain influence over with a $250m/year black budget and limited regard for law, ethics and human rights. Apparently including SSL MITMs using CAs keys. You've got to think (NSA claims to be the biggest employer of mathematicians) that seeing the illegal activities the US has been getting up to with the fruits of their labour that they may have a mathematician retention or motivation problem on their hands. Who wants their life's work to be a small part in the secret and illegal creation of a surveillance state, with a real risk of creating the environment for a hard to recover fascist political regime over the next century if the events allow even worse governments to get in that further overthrow democratic pretense. How about this for another idea, go for TLS 2.0 that combines ToR and TLS, and deprecate HTTP (non TLS) and TLS 1.x and SSL. Every web server a ToR node, every server an encrypted web cache, many browsers a ToR node. Do something to up the game, not just blunder along reacting and failing year on year to deploy fixes for glaring holes. Adam On Tue, Sep 10, 2013 at 08:35:08PM +0200, Fabio Pietrosanti (naif) wrote:
Hi all, i just read about this internet draft "Forward Secrecy Extensions for OpenPGP" available at http://tools.ietf.org/html/draft-brown-pgp-pfs-03 . Is it a still good proposal? Should it be revamped as an actual improvement of currently existing use of OpenPGP technology?
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
