Hacker News new | past | comments | ask | show | jobs | submit login

> I’ve had the same GPG key for 15 years or so and plan on never changing it unless the key is compromised

GPG has no forward secrecy, so 15 years of your "encrypted" communications are at risk. Not a great model for secure messaging.




It’s pretty good. If my private key is compromised all those 15 years of comms are compromised no matter how I slice it, right?

How would I protect against this risk?


You use encryption schemes with forward secrecy, which has been the standard for years.

Compromising my permanent Signal private key, for example, does not allow previous messages to be decrypted.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: