On Friday 18 July 2014 19:21:05 Hauke Laging wrote:
> On Fri 18.07.2014, 09:46:14 Doug Barton wrote:
> > Hauke,
> > 
> > I think you skated past a previous question about your idea, and I'm
> > also interested in the answer so I'll ask it again. :)
> > 
> > If you have a secure channel of communication by which you can
> > exchange the symmetric password (which you would need to make your
> > scheme work), why don't you use that channel for communication,
> > rather than e-mail?
> 
> If I have understood everything right then this is not the same
> question.
> 
> But I am really surprised that you ask why you should communicate via
> email with someone "though" you e.g. meet him once per month. Or with
> someone whom you could call instead. Is that really your question?
> 
> Symmetric keys and fingerprints have to be exchanged through a secure
> channel only once.

Sure. But the fingerprint is only used once (for verifying the key). And 
it's not even secret information, so exchange via an insecure channel is 
not an issue (at least, not a severe issue).

OTOH, symmetric keys really should be exchanged via a secure channel. 
Moreover, reusing a symmetric key is a big no-no. And exchanging a new 
symmetric key for each new message is completely impractical (unless you 
use asymmetric keys for this). Exchanging a large number of symmetric 
keys at the same time is a bit less impractical, but then you need to 
keep track of which symmetric key is used next.

Long ago, people found a good solution for all those problems 
concerning the exchange of symmetric keys: asymmetric encryption.


Regards,
Ingo
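
The pattern the message above ends on, as an added example that is not part of the original e-mail and is not GnuPG's code or the OpenPGP message format: each message gets a fresh symmetric session key, and only that key is encrypted to the recipient's long-lived public key. The function names, RSA-OAEP and AES-256-GCM are assumptions chosen for illustration, and the block needs the third-party Python `cryptography` package.

```python
"""Hybrid encryption sketch: fresh symmetric key per message, wrapped asymmetrically."""
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Illustrative algorithm choice (an assumption, not taken from the thread).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def generate_recipient_key():
    """Long-lived key pair; only the public half ever leaves the recipient."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def seal(recipient_public_key, plaintext: bytes) -> dict:
    """Encrypt one message under a session key that is never reused."""
    session_key = AESGCM.generate_key(bit_length=256)  # new for every message
    nonce = os.urandom(12)
    return {
        # Nothing secret has to be agreed beforehand: the session key travels
        # with the message, readable only by the private-key holder.
        "wrapped_key": recipient_public_key.encrypt(session_key, OAEP),
        "nonce": nonce,
        "ciphertext": AESGCM(session_key).encrypt(nonce, plaintext, None),
    }


def unseal(recipient_private_key, message: dict) -> bytes:
    """Unwrap the session key, then decrypt.

    Raises cryptography.exceptions.InvalidTag if the ciphertext was modified.
    """
    session_key = recipient_private_key.decrypt(message["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(
        message["nonce"], message["ciphertext"], None)


if __name__ == "__main__":
    private_key = generate_recipient_key()
    # Constructed sample messages.
    for text in (b"constructed message one", b"constructed message two"):
        sealed = seal(private_key.public_key(), text)
        print(sealed["wrapped_key"][:8].hex(), unseal(private_key, sealed))
```

The sender keeps no list of "which key comes next": the only long-term state is the recipient's public key, whose fingerprint is what gets verified once.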


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
