ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] OpenPGP private certification

2015-04-08 08:44:13
from [Derek Atkins] [Permanent Link] 
Phillip Hallam-Baker <phill(_at_)hallambaker(_dot_)com> writes:


On Wed, Apr 8, 2015 at 6:53 AM, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:

On Thu,  2 Apr 2015 18:09, phill(_at_)hallambaker(_dot_)com said:


Since the key servers won't allow me to revoke the cert for the
private key I have no control over, I think that it would be more


They allow that but you need to have a key prepared for this:

 5.2.3.15.  Revocation Key

   (1 octet of class, 1 octet of public-key algorithm ID, 20 octets of
   fingerprint)

   Authorizes the specified key to issue revocation signatures for this
   key.  Class octet must have bit 0x80 set.  If the bit 0x40 is set,
   then this means that the revocation information is sensitive.  Other
   bits are for future expansion to other kinds of authorizations.  This
   is found on a self-signature.

("gpg --edit-key, addrevoker" to set such a key and "gpg --desig-revoke"
 to issue a revocation)


If I could remember my passphrase then I would not need to revoke.

My point here is that if we want to get a billion people using
encrypted mail then it has to offer iPhone class usability, not OK for
1990s usability.


Werner's point is that you can set up anyone to be your designated
revoker.  It doesn't have to be *YOUR* key, you can designate your
mother, your wife, your child, or even your, gasp, CA!! to be a
designated revoker.


There are plenty of ways that the scheme could be fixed. Since key
server enrollment can be made automatic, it would be pretty easy to
renew the enrollment once every n months and discard keys that have
not been renewed for 5 years or for more than a year if there is a
replacement key.


That's not the same thing as actually *revoking* the key.


Having the key servers continue to regurgitate false or stale data
forever because there is no way to stop them does not seem like an
acceptable plan to me.


This is also a reasonable goal, but completely separate from revoking
your key.  Revocation is (as you well know) a cryptographic assertion,
not a "database" concept.  Indeed, you would want to continue to
distribute a revoked key so that people who have it cached locally will
update with the revocation data!

-derek

-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] OpenPGP private certification, Werner Koch
Next by Date:  Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker
Previous by Thread:  Re: [openpgp] OpenPGP private certification, Ben McGinnes
Next by Thread:  Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?], ianG
Indexes:  [Date] [Thread] [Top] [All Lists]