Wednesday, November 30, 2011
"Forward Secrecy" will enhance https
Parker Higgins at Electronic Frontier Foundation has an important discussion of a new security enhancement to “https” or encrypted sign-on, and that’s called “Forward Secrecy”. The link is here. Apparently, Google is introducing it with its accounts (to augment remote 2-step verification). With Forward Secrecy, some information needed to decrypt messages in the future is “ephemeral” and is never stored. It’s a kind of “reverse pay-if-forward”.