Problem removing a public key whose private key is gone
David Shaw
dshaw at jabberwocky.com
Mon Mar 13 14:52:21 CET 2006
On Mon, Mar 13, 2006 at 07:58:20AM -0500, Atom Smasher wrote:
> On Mon, 13 Mar 2006, Neil Williams wrote:
>
> >Werner et al. :
> >Maybe it's time that --send-key checks if the key to be sent has a
> >secret key in the secret keyring and if it does, prompts the user about
> >a revocation certificate BEFORE allowing the key to be sent?
> ==================
>
> how many noobs upload new keys on the command-line? how many use "-a
> --export" and then copy-n-paste into a web interface?
>
> if more noobs opt for the former, your idea would spare the world of some
> useless keys. i suspect that more noobs opt for the latter, in which case
> the idea wouldn't help much.
>
> maybe there needs to be a sandbox keyserver where users can upload keys
> for practice, but it purges itself of keys >1 year old and doesn't sync
> with "real" keyservers. if such a keyserver existed, it should probably be
> the default keyserver in the preferences.
Cough, cough. ldap://keyserver.pgp.com
It purges keys that aren't confirmed via email and doesn't sync with
any other keyserver.
Still, even with a keyserver that doesn't sync, that doesn't stop
other people from (accidentally or otherwise) downloading a key from
ldap://keyserver.pgp.com and distributing it via other means.
David
More information about the Gnupg-users
mailing list