1996-01-06 - Re: Revoking Old Lost Keys

Header Data

From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 5fbd65eb27defdce3d8981942881c65999b69cff0cac890cccc4c8a7826a2cca
Message ID: <199601061803.NAA17075@thor.cs.umass.edu>
Reply To: <ad13f5e103021004cdef@[205.199.118.202]>
UTC Datetime: 1996-01-06 18:32:21 UTC
Raw Date: Sun, 7 Jan 1996 02:32:21 +0800

Raw message

From: futplex@pseudonym.com (Futplex)
Date: Sun, 7 Jan 1996 02:32:21 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Revoking Old Lost Keys
In-Reply-To: <ad13f5e103021004cdef@[205.199.118.202]>
Message-ID: <199601061803.NAA17075@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> If one can safely and securely store a revocation certificate for later
> use, why not just store the much shorter passphrase?

Well, you're dealing with very different threats in the two cases AFAICS. 
With your passphrase and private key, someone can forge your signature, read
your encrypted incoming mail, etc. With your revocation certificate and 
private key, about all they can do is revoke your key and force you to
create a new one. I certainly find the latter prospect much less alarming --
by far the lesser of two evils. Heck, it's good to update keys periodically,
so they might even be doing me a favor of sorts ;)

Futplex <futplex@pseudonym.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMO65WSnaAKQPVHDZAQEIngf+OnXNLpkc4MlE+F0O24lCgso29k0cYRiW
jOHKJJfl9ryfaM/WT8eyRLIbWhO7A2qMGSF9nlRUCuhLBgQuX6tmboTwDPW3RPzq
jKbZ6LO615w0xPhZpDQO/B963sF0UOcIc0v49k1Ua6biUeEQ/0luYn7nQPD9RVDV
pb0qkk201qgVDkXXxPR+hN/HXstI0mc2+HjQjAhHiIOLyiMN3aPwGDH1XmHP5UiE
TVw+M9cAqyC863KMg+WEkIGXvdwLJ2or6QQ07i50Zwl905mSFd9+nHVx5HLbkKFa
UZvwU46zZXx069MIKHLFY2hX1ZqgR5eGGHUa6bZbMkeIjSl50IzILA==
=ssJd
-----END PGP SIGNATURE-----





Thread