diff --git a/www.i2p2/pages/how_cryptography.html b/www.i2p2/pages/how_cryptography.html
index 93e63f82..cc5cf98b 100644
--- a/www.i2p2/pages/how_cryptography.html
+++ b/www.i2p2/pages/how_cryptography.html
@@ -287,7 +287,8 @@ using the router's identity to proceed with a station to station agreement, foll
 some encrypted protocol specific fields, with all subsequent data encrypted with AES
 (as above).
 A possible enhancement is to use session tags like we do with 
-<a href="how_elgamalaes">ElGamalAES+SessionTag</a> to avoid the 2048 bit DH negotiation.  
+<a href="how_elgamalaes">ElGamalAES+SessionTag</a> to avoid the 2048 bit DH negotiation.
+However, this enhancement would remove the 'perfect forward secrecy' DH provides.
 <p>
 In order to migrate to a more standardized implementation (TLS/SSL or even SSH), the following issues must be addressed:
 <p>