rotating encryption sub keys

Faramir faramir.cl at gmail.com
Mon Aug 31 09:05:05 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw escribió:
> On Aug 28, 2009, at 2:37 AM, Faramir wrote:

...
>> "Therefore when a public
>>    encryption key expires, an OpenPGP client MUST securely wipe the
>>    corresponding private key [4]."
...
> The idea of PFS is not one that works for all situations.  For those
> that do want PFS semantics, the draft merely shows how to do it in the
> context of OpenPGP.  Nobody is required to do this.  It's strictly opt-in.

  Sorry, I thought it was a proposal to change the way OpenPGP works, I
didn't understand it is to add more "modes" to it...

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKm3YhAAoJEMV4f6PvczxApRkH/ihdZgIM2mpR66QpMoi0oO5u
d7GU1R4Jd1n+mYMUnAmy5vQpz3DfFUnmuST7jQJ4XXFqbKI6mPTi+E2SXtG9W2Kd
eY2JARK0IcNgAgOoV2Xl4n/bYMWLr5R1g1P4NVMWLluawG/9cSLunmE2jwwEkO3r
exFhQseRj+O7ptsIIbk66nAXU5YGBq9V/FFFPO6ZXIo4/zZl9e9/ScHcm9bUQJL8
bpPnYjYmzFU5UIgdpWEEF5UMhRUWExPtMFbF/Q9/TdcXypomlykF5mP7yfBrS/J7
PRsKQJ28TNid7L5dqgGC4FVPhNmGWNUcipepKrHGO8vCDrq1sUcu7roKlnnEiP8=
=PQum
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list