On Wed, Aug 28, 2013 at 9:49 AM, Travis McCrea <m...@travismccrea.com> wrote: > I think my only complaint (that doesn't seem to be mentioned, though I could > have missed it) is that the email address is generated with your key. This > means that you have to create a whole new email account every 6 - 12 months > for optimal security. I would suggest that you should allow people to alias > their username to their email address, but also realize that doing so would > kill one of your security advantages.
A compromise is not necessary — in cables, the hash is based on root certificate, whereas DH peer keys are signed with a lower-level certificate's private key, which may have different lifetime. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.