1997-01-17 - Re: Key Revokation Scheme

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: harka@nycmetro.com
Message Hash: 04bdcf018ec9a241b37bdcc72a0d6b3f043da5482c86e01a308514a2e7dd4ccd
Message ID: <3.0.1.32.19970117120914.00639400@popd.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1997-01-17 20:12:10 UTC
Raw Date: Fri, 17 Jan 1997 12:12:10 -0800 (PST)

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 17 Jan 1997 12:12:10 -0800 (PST)
To: harka@nycmetro.com
Subject: Re: Key Revokation Scheme
Message-ID: <3.0.1.32.19970117120914.00639400@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:32 PM 1/14/97 -0500, harka@nycmetro.com wrote:
>I started thinking about the issue, how to set up a system to have
>somebody else revoke your key for you, if you don't have the means
>to do so yourself.
>The possible case I had in mind was, what if you're maybe a
>dissident, you get arrested and your apartment (incl. disks/keys)
>gets raided. You don't have any means to revoke the key yourself,
>don't even have e-mail in general, and with the "one phone call",
	[.... method deleted .... lawyer, alice, bob, ... ]

Too complex for what you're really doing.  Give your lawyer a floppy
with the key revocation certificate and a yellow sticky about how
to call Alice or Bob for help if your lawyer's not computer-literate
enough to follow the README file.  If you're paranoid about the cops
getting your unindicted co-conspirators' names, use PGP Inc.
or some computer consultant instead of Alice and Bob and have your
lawyer pay their per-hour rate.  On your One Phone Call,
tell him to get the floppy out of the sealed envelope in his safe
and use it.

Key revocation certificates don't leak your private keys,
so the only risk if the Bad Guys get a copy is denial of service,
including the pain of rebuilding all your connections, etc.;
it doesn't leak your communications or allow them to forge mail.


#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#     (If this is a mailing list, please Cc: me on replies.  Thanks.)






Thread