[jdev] Re: JEP-0027 (OpenPGP) implementation question
Justin Karneges
justin-keyword-jabber.093179 at affinix.com
Tue Mar 7 16:49:58 CST 2006
On Tuesday 07 March 2006 14:12, Peter Saint-Andre wrote:
> So the repudiability and perfect forward security aspects of OTR don't give
> me much comfort in the real world.
Exactly.
Interesting of you to bring up forward secrecy here. I believe that's where
if your public key is compromised, your past session keys aren't. TLS has
this (and probably SSH also), and I'd consider this to be a generally useful
feature. However, in the context of IM, where you're sending your content to
another party with a large chance of it being logged, forward secrecy seems
to be a lot less useful.
-Justin
More information about the JDev
mailing list