1994-04-28 - Re: PGP Question:

Header Data

From: Derek Atkins <warlord@MIT.EDU>
To: “Istvan Oszaraz von Keszi” <vkisosza@acs.ucalgary.ca>
Message Hash: 4c919c97caa0b7c18c1275b5a5f9f23c0e6a2ef86745727a906a82c2adbce43e
Message ID: <9404282352.AA07123@toxicwaste.media.mit.edu>
Reply To: <9404282312.AA33925@acs5.acs.ucalgary.ca>
UTC Datetime: 1994-04-28 23:52:09 UTC
Raw Date: Thu, 28 Apr 94 16:52:09 PDT

Raw message

From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 28 Apr 94 16:52:09 PDT
To: "Istvan Oszaraz von Keszi" <vkisosza@acs.ucalgary.ca>
Subject: Re: PGP Question:
In-Reply-To: <9404282312.AA33925@acs5.acs.ucalgary.ca>
Message-ID: <9404282352.AA07123@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Uhh, right.  But all a person has to do is issue a key revocation
> certificate.  Now if someone CAN'T issue a signed certificate, then
> that is a problem.  

The point is that someone shouldn't NEED to revoke their key if all
they are doing is changing their email address.

What if the binding of the userID is a result of a position that you
hold... For example, I am the owner of a company and I sign people's
identifiers, saying that they are employees of mine, and possibly what
their position is.  Now say I fire someone, I want to be able to
revoke my signature since the binding is no longer valid!  But I
shouldn't need to force them to generate a new key.

> Did you say you were at MIT?  

This is a joke, right?


         Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available