>Date: Fri, 28 Aug 2009 02:37:02 -0400 >From: Faramir <faramir...@gmail.com> >Subject: Re: rotating encryption sub keys
> What if I want to be able to decrypt an old email message? to decrypt any old messages is easy, although somewhat tedious ;-) before you destroy your encryption/decryption key, decrypt all the messages/files encrypted to that key, using the option of --show-session-key then copy the session key as a 'comment' into the encypted message then zip all the encrypted files with their session keys together, and encrypt the zip file to your new encyption key >If my >encryption key was compromised, and my messages were sniffed, I >get no >advantage in deleting my copy of the key and the messages, the >attacker >has his own copy of them, and surely won't delete them. agreed, the only usefulness i can see practically for such a feature, is if you want to retain a certain anonymity, and you create a new key and give that public key to only certain individuals, or keep it for your own uses, and then revoke your old key, and 'disappear off the grid' ;-) i don't see any advantage if the key is already compromised and the attacker has the encrypted messages vedaal _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
