encrypting to expired certificates

Peter Lebbing peter at digitalbrains.com
Tue Sep 16 18:53:53 CEST 2014

On 16/09/14 16:31, Robert J. Hansen wrote:
> And how much impact did this really have on you?  What was to prevent
> you from using symmetric encryption?  It's not as if you don't have a
> secure communication channel with yourself over which a symmetric key
> can be negotiated.

Because I was archiving the file for later use and I had no desire to
come up with a good passphrase and try to remember it for I don't know
how long.

> You can't argue that these aren't real users. You can't argue it's not a
>> real impact.
> Sure I can.  You weren't really impacted by it.  You had easy
> mitigations available to you.

Ouch, that's really selective quoting you're doing. In one day you
object to people misunderstanding what you say and twist the words of
another. The very next sentence handles exactly this: how large the
impact is. In that context, I was clearly referring to "real" as in
"existing" not as in "significant", and you know it.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

More information about the Gnupg-users mailing list