Forward secrecy is definitely more challenging in a high-latency environment like email. It's not impossible, but Signal's double ratchet protocol is designed to be tolerant of reasonably long periods of disconnection (in *very* handwavey terms, that's what the second ratchet in "double" ratchet is there for).One of the things I'm concerned about, with respect to LibrePGP/OpenPGP direction, is it's easy to lose some of the best use cases of *PGP in pursuit of the New Hotness In Crypto.
One of the best use cases is in bootstrapping a secure communications network. From an almost wholly untrusted set of connections, with just a little usage of GnuPG you can bootstrap the maze of technologies we depend upon to communicate safely.
It would break my heart -- and endanger people -- if we lost bootstrapping in the pursuit of PFS and other goals. I'd like it if we could make it a point to remember it as a special high-value use case.
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
