Name: Anonymous 2016-11-03 17:57
Why don't websites use public keys for authentication instead of passwords?
> but then you're constantly generating private/public keypairs
Just like how every forward secrecy scheme does.
> because they're usually neither big enough
Size does not affect the speed of public key cryptography in gpg. gpg only encrypts the AES key with the pub key.
> in a normal HTTP connection, packets are sent often enough for this to considerably slow down browsing and there's nothing preventing you from performing DHKE.
Which means that you can perform DHKE when you use gpg over http.