Revoked keys on keyservers
Mark Brown
broonie@sirena.org.uk
Wed Oct 17 15:25:01 2001
On Wed, Oct 17, 2001 at 08:35:40AM -0400, Richard B. Tilley wrote:
[Reformatted to 80 columns]
> I revoked some keys and sent them to the key servers several months
> ago. I checked the key servers today, and noticed that the revoked
> keys are still there. They show that they have been revoked of course,
> but my question is: how long do key servers keep revoked keys? Aren't
> these keys useless?
It is useful to advertise the revocation certificates indefinately so
that people who obtain the key without the revocation certificates can
update the key from the server and discover that it has been revoked.
> I also have a couple of keys that are still active, but I don't use
> them; they were for testing. Unfortunately, I never generated
> revocation certs for these keys, and I no longer have the secret keys.
> Is there anyway to remove these keys from the servers? In the future,
No. Unless you have the revocation certificates or the private keys to
generate them you're stuck.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."