Revoked keys on keyservers
Dave Ewart
ewart@icrf.icnet.uk
Wed Oct 17 15:36:02 2001
--raC6veAxrt5nqIoY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wednesday, 17.10.2001 at 08:35 -0400, Richard B. Tilley wrote:
> I revoked some keys and sent them to the key servers several months
> ago. I checked the key servers today, and noticed that the revoked
> keys are still there. They show that they have been revoked of course,
> but my question is: how long do key servers keep revoked keys? Aren't
> these keys useless?
No - they show that key has been revoked ... which could be very useful
info to someone that had a copy of the key before it was revoked.
> I also have a couple of keys that are still active, but I don't use
> them; they were for testing. Unfortunately, I never generated
> revocation certs for these keys, and I no longer have the secret keys.
> Is there anyway to remove these keys from the servers? In the future,
> I'll make off-site backups and revoke certs ASAP... even when playing
> around.=20
Removing stuff from the servers is not usually possibly. Anyway, if you
no longer have the secret keys, nor revocation certificates, how can you
prove that they are _yours_?
Dave.
--=20
Dave Ewart
ewart@icrf.icnet.uk
Computing Manager
ICRF Cancer Epidemiology Unit, Oxford UK
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370
--raC6veAxrt5nqIoY
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: http://www.gnupg.org/
iD8DBQE7zYicbpQs/WlN43ARAmk+AKDkr34I9szjbz81Mqvno2xuYadIHgCdHp7M
5bCtNFE0W+tqikUA1j3fmGE=
=uuXw
-----END PGP SIGNATURE-----
--raC6veAxrt5nqIoY--