Revoked keys on keyservers

Dave Ewart ewart@icrf.icnet.uk
Fri Oct 19 13:26:01 2001


On Friday, 19.10.2001 at 11:14 +0200, DeBug wrote:


> >> A while ago there was some brief discussion on the keyserver
> >> manager list about the idea of aging keys off of the keyservers.
> >> Basically, any key that didn't get refreshed after a few years
> >> would just get dropped from the server.
>
> DE> That's actually a rather nice idea ... shame it never got up and
> DE> running.
>
> I do not think this is a good idea - imagine someone has generated
> exactly the same key someone was using in the past, now they both have
> the same private key. So the list of revoked keys is needed to
> determine your new key was not used before. I wonder how many keys are
> possible, is it 2^N? Is this number big enough if someone decides to
> start continuously generating and registering random keys ...

My understanding is that the probability of generating a non-unique key
in this way is so mind-bogglingly small as to be effectively zero. I
have nothing to back up that argument, except "I think I read something
like that in Bruce Schneier's 'Applied Cryptography'" ...

Dave.
--
Dave Ewart
ewart@icrf.icnet.uk
Computing Manager
ICRF Cancer Epidemiology Unit, Oxford UK
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370