symmetric email encryption
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jul 18 19:49:54 CEST 2014
> Symmetric keys and fingerprints have to be exchanged through a secure
> channel only once.
Whoa, let's back that up a moment.
Fingerprints and symmetric keys need to be exchanged *as often as they
change*. Which, in the case of symmetric keys, is quite frequently.
If/when a key is compromised, all traffic that has been generated or
will be generated with that key gets compromised, and there's no
guarantee about whether you'll know the key is compromised -- so it's
only sane to have an agreed-upon rekeying policy. "Keys will be used
for three days tops", for instance, limits your exposure to a three-day
window, but it requires you to rekey every few days.
Key management is a killer problem. If you don't take it dead seriously
it'll hug you and love you and name you George[*].
More information about the Gnupg-users