> I think what Hauke meant was an exchange of the *passphrase* for the > symmetric encryption, not the session key.
Same issue, although now you're sharing the seed to a random number generator for which you want the seed to expire very quickly. You can mitigate this somewhat using gating and some other RNG tricks, but fundamentally it's the same problem: once the passphrase goes, the security of the entire system goes, so therefore change the passphrase frequently. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
