From a05e661aad8d0b6b1f9705fc45a9b4871bbdf97d Mon Sep 17 00:00:00 2001
From: mathiasdm <mathiasdm@mail.i2p>
Date: Wed, 25 Aug 2010 20:40:13 +0000
Subject: [PATCH] Mentioning of perfect forward secrecy being removed if we use
 only ElgamalAES (thanks, welt!).

---
 www.i2p2/pages/how_cryptography.html | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/www.i2p2/pages/how_cryptography.html b/www.i2p2/pages/how_cryptography.html
index 93e63f82..cc5cf98b 100644
--- a/www.i2p2/pages/how_cryptography.html
+++ b/www.i2p2/pages/how_cryptography.html
@@ -287,7 +287,8 @@ using the router's identity to proceed with a station to station agreement, foll
 some encrypted protocol specific fields, with all subsequent data encrypted with AES
 (as above).
 A possible enhancement is to use session tags like we do with 
-<a href="how_elgamalaes">ElGamalAES+SessionTag</a> to avoid the 2048 bit DH negotiation.  
+<a href="how_elgamalaes">ElGamalAES+SessionTag</a> to avoid the 2048 bit DH negotiation.
+However, this enhancement would remove the 'perfect forward secrecy' DH provides.
 <p>
 In order to migrate to a more standardized implementation (TLS/SSL or even SSH), the following issues must be addressed:
 <p>