rotating encryption sub keys

Faramir faramir.cl at gmail.com
Fri Aug 28 08:37:02 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw wrote:
...
> Incidentally, there have been proposals to add forward security
> extensions to OpenPGP.  See http://www.apache-ssl.org/openpgp-pfs.txt

  As a side note, I am not sure I like these proposals...

"Therefore when a public
    encryption key expires, an OpenPGP client MUST securely wipe the
    corresponding private key [4]."

  What if I want to be able to decrypt an old email message? If my
encryption key was compromised and my messages were sniffed, I get no
advantage from deleting my copy of the key and the messages; the attacker
has his own copy of them, and surely won't delete them.


"2.2 Key surrender

    Before an OpenPGP client exports a private key as plaintext, the
    associated public key MUST be revoked and redistributed. A "reason
    for revocation" signature subpacket MUST be included in the key
    revocation specifying "Key material has been compromised" (value
    0x02)."

  That would prevent storing a paperkey backup of the key if the
key doesn't have a passphrase (which could be a good idea, if we assume
paper allows long-term storage, and maybe in 10 years I won't remember
the passphrase I was using at the time I made the backup). Of course
that paper backup should be stored in a safe or something like that.


   Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKl3sOAAoJEMV4f6PvczxAjBkH/0+xBZG+gfcdcjz6FjoeyIm5
cHrp97ionXfyuTxYQqUzh/b02md0c6WhMrK1lB2g0qdXZ/alYoCj7T309nqk3aCR
KuOPBnaqWo+2rRcA0sdbVc6SPGQSPx+/84FrWn9cOavq5jp5fEBaDQ3AWvT9E2nL
ob2myYrIikgs/jA1aNKqV0w5IwYXxG8OjyX6c1GVCQgy3XZE7fAyOegAYeqdMK+W
w1lot550ZT0+NHg2H8YUD9pskONhnWJyy4N8JCNS70eRJ1SUlGxGnSCOBCqxgzUx
jczdDgqdZyAhsBmShGJcaHgKPDBqeXRxw7KYgM/wyxomIAbsrR7yWMffzxss0Xc=
=prj+
-----END PGP SIGNATURE-----


