Forward Secrecy Extensions for OpenPGP

Document Type Expired Internet-Draft (individual)
Authors Ian Brown  , Ben Laurie 
Last updated 2001-10-08
Stream (None)
Intended RFC status (None)
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The confidentiality of encrypted data depends on the secrecy of the key needed to decrypt it. If one key is able to decrypt large quantities of data, its compromise will be disastrous. This memo describes three methods for limiting this vulnerability for OpenPGP messages: reducing the lifetime of confidentiality keys; one-time keys; and the additional use of lower-layer security services.


Ian Brown (
Ben Laurie (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)