[messaging] Do quantum attacks/algos also lead to compromise of PFS?

[Morten Linderud]

Jacob Applebaum did talk about NSA storing encrypted communication in databases for future decryption during 31C3.
Not sure how big the scope is, but consdering that, it does not seem that unlikely? Am i wrong?

On 01/24/2015 11:26 PM, Joseph Bonneau wrote:
> Because we all assume there quantum computers do not exist today, it is okay to protect the key exchange with a non-quantum-safe scheme since a future adversary can't do a middleperson attack
> retroactively, which I think is a cool insight.