ietf-openpgp

Re: Forward secrecy

2000-07-16 20:43:43

Section 3 describes one-time keys, that are sent with messages to
allow the recipient to reply with immediate forward secrecy
(immediately after receipt).

I wonder if we could use a one-time key server to avoid the need for
interactive use of email (need a reply from the recipient to get a key
to reply to).

Let's say we add a new function to keyservers which is that you submit
a whole bunch of keys, and it hands them out on request, and deletes
them after they've been received.

I guess there's a pretty easy DoS there -- someone just goes and
repeatedly downloads all available keys, to deny others the ability to
obtain one-time keys.

There might be some weak approaches to resist this DoS (e.g. refuse to
provide more than one one-time key per time period to the same IP
address), but they are just that -- weak.

Adam
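
The keyserver function proposed in the message above, sketched as an added example that is not part of the original post or of any keyserver implementation: keys are submitted in a batch, handed out once and deleted, with the per-address time-period limit the message mentions. The class and method names, the in-memory storage, the choice to track the limit per (owner, address) pair and the sample key labels are all assumptions.

```python
import time
from collections import defaultdict, deque


class OneTimeKeyServer:
    """Hypothetical in-memory one-time key pool (all names are assumptions)."""

    def __init__(self, period_seconds=3600.0, clock=time.monotonic):
        self.period = period_seconds
        self.clock = clock
        self.pools = defaultdict(deque)  # owner -> unused one-time public keys
        self.last_served = {}            # (owner, address) -> time a key was last served

    def submit(self, owner, public_keys):
        """The key owner uploads a whole batch of one-time public keys."""
        self.pools[owner].extend(public_keys)

    def remaining(self, owner):
        return len(self.pools[owner])

    def request(self, owner, requester_addr):
        """Return (key, status); a key that is handed out is deleted from the pool."""
        now = self.clock()
        last = self.last_served.get((owner, requester_addr))
        if last is not None and now - last < self.period:
            return None, "rate-limited"   # one key per period per address
        pool = self.pools[owner]
        if not pool:
            return None, "exhausted"      # finite pool: nothing left to hand out
        key = pool.popleft()              # handed out exactly once
        self.last_served[(owner, requester_addr)] = now
        return key, "ok"


def demo():
    """Constructed scenario: a three-key pool, a fake clock, documentation addresses."""
    now = [0.0]
    srv = OneTimeKeyServer(period_seconds=3600.0, clock=lambda: now[0])
    srv.submit("alice", ["otk-1", "otk-2", "otk-3"])     # placeholder key labels
    results = [srv.request("alice", "192.0.2.10")]       # first request is served
    results.append(srv.request("alice", "192.0.2.10"))   # same address, same period
    now[0] += 3600.0                                     # the next period begins
    results.append(srv.request("alice", "192.0.2.10"))
    results.append(srv.request("alice", "198.51.100.7"))
    results.append(srv.request("alice", "203.0.113.5"))  # pool is already empty
    return results, srv.remaining("alice")
```

The limit only spaces out requests from one address; the pool is still finite, so the last requester in `demo()` receives no key until the owner submits a new batch.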
