Seems to me neither of you read the reference I gave:
I (Adam) wrote:
It is tricky to get forward secrecy for store-and-forard messaging [2],
but perhaps you could incorporate rekeying into your protocol in some
convenient way.
...
[2] http://cypherspace.org/adam/nifs/
Not impossible just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/02/13 02:49, Jonathan Warren wrote:
Suppose when Alice firsts sends a message to Bob she also includes
a short term public key. Bob takes the short term public key and
encrypts symmetric_key_1 (SK1) and also encrypts a message with
SK1 and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/02/13 02:49, Jonathan Warren wrote:
Suppose when Alice firsts sends a message to Bob she also includes
a short term public key. Bob takes the short term public key and
encrypts symmetric_key_1 (SK1) and also encrypts a message with
SK1 and
* Peter Gutmann:
I've just done a quick tally of the certs posted to
http://www.ccssforum.org/malware-certificates.php, a.k.a. Digital
Certificates Used by Malware. Looks like Verisign (and its
sub-brand Thawte) are the malware-authors' CA of choice, selling
more certs used to sign malware