ietf-openpgp

Re: [openpgp] OpenPGP private certification

2015-04-08 08:23:42
On Wed, Apr 8, 2015 at 9:11 AM, Christoph Anton Mitterer
<calestyo(_at_)scientia(_dot_)net> wrote:
> On Wed, 2015-04-08 at 09:05 -0400, Phillip Hallam-Baker wrote:
>> If I could remember my passphrase then I would not need to revoke.
> Which is why people are ever since suggested to create their revocation
> when they create their key.
>
>> My point here is that if we want to get a billion people using
>> encrypted mail then it has to offer iPhone class usability, not OK for
>> 1990s usability.
> Crypto is not an iPhone.

Mine is.

Mine has no impact at all unless the user is asking 'is this secure'.
I have code that shows this is possible and practical.

> Just accept that you can't make a system securely usable if people
> aren't willing to learn how it works and put some effort into it.

I don't accept that because it isn't true.

>> Since key server enrollment can be made automatic, it would be pretty
>> easy to renew the enrollment once every n months and discard keys that
>> have not been renewed for 5 years or for more than a year if there is a
>> replacement key.
> Removing a key (and its associated information like revocations or other
> signatures) from the keyservers is generally a break of security, as it
> allows for blocking or similar attacks.
> An attacker could make a valid key removed just by blocking keys that
> haven't been "renewed".

And what is to stop someone maliciously loading up a broken key or an
entirely fraudulent key?

I don't think that you can make a good case for circulating bad data
in case it might be good.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
