[Top] [All Lists]

Re: [openpgp] Intent to deprecate: Insecure primitives

2015-03-17 10:05:00
Bill Frantz <frantz(_at_)pwpconsult(_dot_)com> writes:

On 3/16/15 at 6:51 AM, warlord(_at_)MIT(_dot_)EDU (Derek Atkins) wrote:

Oh, you expected me to decrypt/re-encrypt my encrypted email as I got it???

For many uses, decrypting from the wire format and re-encrypting in
the "data at rest" security format makes excellent sense. Having only
one encryption scheme for long-term storage allows easy (relatively)
upgrade and helps to ensure that the data is still accessible,
i.e. the decryption still works. I probably have a bunch of old PGP
encrypted email I can't read anymore because I don't have the secret
key, or its passphrase. If that mail had been re-encrypted in a format
that I decrypt every day, I would still be able to read the
mail. Encryption that isn't regularly exercised gets rusty.

Show me an MUA that does this, please?  None of the OpenPGP-aware MUAs
I've ever used have this feature, as far as I know.  I suppose I could
go out of my way to replace the encrypted email with a
re-encrypted/plaintext email.

But frankly I'd like my encryption software to just maintain the ability
to decrypt it later.

Cheers - Bill

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL:    PP-ASEL-IA     N1NWH
       warlord(_at_)MIT(_dot_)EDU                        PGP key available

openpgp mailing list