gpg4win expired code signing cert; please renew.

[Robert J. Hansen]

> I would say you failed.

I'm not trying to convince you.

I'm revealing to the world you might not be someone worth taking
cryptographic engineering advice from.

> You still haven't shown the scheme to be less secure than the 
> strongest mechanism.

Correct. I have, however, put out a single genuine question which you
need to be able to answer before I'll take your idea seriously: "does
your proposal form a group?"

Answer with mathematical rigor and we can keep talking.

> It is an interesting result you are proposing that I could download 
> an encrypted file from you, and without knowing what keys you used: 
> encrypt it a second time in order to weaken the security of that 
> payload.

That is, in fact, a possibility. It's one we wish to avoid. This is why
I ask, "does your proposal form a group?"

>> NSA isn't expecting it'll be available to their enemies until 
>> 2055. Add fifteen years to that and you're projecting out to 2070.
> 
> That may end up being an overly optimistic scenario.

On the one hand there's the United States National Security Agency, the
world's largest employer of cryptographers and cryptographic engineers,
who have a multibillion-dollar research budget, who have a very real
interest in producing sound information security policies to keep their
25-year secrets safe from some of the most cunning, underhanded, well-
equipped, well-funded, and smartest adversaries in the world --

And on the other hand there's Jay from the internet saying large quantum
computers could appear 30 years earlier than NSA's projections.

Does your proposal form a group?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251016/9ac38066/attachment.sig>