Forward Secrecy

This I-D has been through WG last call back in 2001 or so. At thatpoint, something went wrong and it got sat on. Unfortunately, I didn'thave time before the deadline to convert it to the new format, but itnow is, and I'd like to try to introduce it as a work item for the WG.I'll send it to the I-D editor, but in the meantime, its available here:


http://www.links.org/dnssec/draft-brown-pgp-pfs-04.html
http://www.links.org/dnssec/draft-brown-pgp-pfs-04.txt

Forward Secrecy Extensions for OpenPGP

"The confidentiality of encrypted data depends on the secrecy of the keyneeded to decrypt it. If one key is able to decrypt large quantities ofdata, its compromise will be disastrous. This memo describes threemethods for limiting this vulnerability for OpenPGP messages: reducingthe lifetime of confidentiality keys; one-time keys; and the additionaluse of lower-layer security services."


Comments, please!

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

<Prev in Thread]	Current Thread	[Next in Thread>
Forward Secrecy, Ben Laurie <= Re: Forward Secrecy, Jon Callas Re: Forward Secrecy, Ian G Re: Forward Secrecy, Ben Laurie Re: Forward Secrecy, vedaal Re: Forward Secrecy, "Hal Finney" Re: Forward Secrecy, Ian G

Previous by Date:	Re: Tighter MPI spec (and on keychains), Ian G
Next by Date:	Re: Forward Secrecy, vedaal
Previous by Thread:	Tighter MPI spec (and on keychains), Rick van Rein
Next by Thread:	Re: Forward Secrecy, Jon Callas
Indexes:	[Date] [Thread] [Top] [All Lists]