From: Greg Rose <Greg_Rose@sydney.sterling.com>
To: cypherpunks@toad.com
Message Hash: defd438da04c3012faa106dff1b4d8cabdd85c226d876b36d5d61589c178f17b
Message ID: <pgpmoose.199601081027.31093@paganini.sydney.sterling.com>
Reply To: <2.2.32.19960106101559.00919d9c@mail.teleport.com>
UTC Datetime: 1996-01-07 23:47:41 UTC
Raw Date: Mon, 8 Jan 1996 07:47:41 +0800
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Mon, 8 Jan 1996 07:47:41 +0800
To: cypherpunks@toad.com
Subject: Re: Revoking Old Lost Keys
In-Reply-To: <2.2.32.19960106101559.00919d9c@mail.teleport.com>
Message-ID: <pgpmoose.199601081027.31093@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain
There hav been a lot of replies to the original
question, but I think a lot of people are missing
a simple solution.
>>At 7:07 AM 1/6/96, Bruce Baugh wrote:
>>>I'd like to bring up a problem I haven't seen addressed much yet, and whic
h
>>>I think is going to come up with increasing frequency as PGP use spreads.
>>>
>>>The problem is this: how can one spread the word that an old key is no
>>>longer to be used when one no longer has the pass phrase, and cannot
>>>therefore create a revocation certificate?
You create a revocation certificate at the time
you create the key, and store it somewhere (I'd
recommend putting it on a floppy). Then either
give it to your lawyer, with a note saying "If I
forget the passphrase, give me back this", or
just write a note to yourself, and store it in a
place where you'll find it when the time comes.
It is inconvenient if a nasty third party finds it
while you were still using the key, but much less
damaging than if they found the password.
(Someone wrote that PGP doesn't support revocation
certificates. This is not correct.)
Greg.
Greg Rose INTERNET: greg_rose@sydney.sterling.com
Sterling Software VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921
28 Rodborough Rd. http://www.sydney.sterling.com:8080/~ggr/
French's Forest 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45
NSW 2086 Australia. co-mod sci.crypt.research, USENIX Director.
Return to January 1996
Return to “Greg Rose <Greg_Rose@sydney.sterling.com>”