[newbie] Revoking vs deleting public keys
Adrian von Bidder
Tue Aug 5 10:40:01 2003
On Monday 04 August 2003 23:44, Ediprogrammer@aol.com wrote:
> When do you recommend revoking versus deleting a public key? What does
> revoking a key do, exactly? Thanks.
The important (and often annoying) thing with public key cryptography: once
you publish a key, there's no way of unpublishing it. Even if you could
delete your key from all keyservers, there's bound to be someone having it
cached locally who will go and upload it again.

For this, revoking was introduced: instead of deleting the key, you add a
special signature to it telling people 'don't use this key anymore' (with
current keys, you can even give a reason for revocation, so you can
differentiate between keys you just don't use anymore, userids you don't use
anymore because the email has changed, and keys that got compromised).

Once revoked, the key will be around, but people won't use it (note that it's
not a technical impossibility to use the key, but just a standards-mandated
way the software behaves).
random link of the day: http://fortytwo.ch/sienapei/naezahcu
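An added example, not part of the message above and not GnuPG's own code: a minimal Python parser for the "special signature" the reply describes, reading the reason-for-revocation subpacket (RFC 4880) from a version 4 signature packet body. The function names and the packet produced by `build_sample` are constructed for illustration; the code only parses and does not verify the signature, which real software must do before honouring a revocation.

```python
# Reason codes (RFC 4880, 5.2.3.23) and the signature types that revoke (5.2.1).
REASONS = {0: "no reason specified", 1: "key is superseded",
           2: "key material has been compromised",
           3: "key is retired and no longer used",
           32: "user ID information is no longer valid"}
TARGETS = {0x20: "key", 0x28: "subkey", 0x30: "user ID certification"}


def subpackets(area):
    """Yield (type, data) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                       # one-octet length
            length, i = first, i + 1
        elif first < 255:                     # two-octet length
            length = ((first - 192) << 8) + int.from_bytes(area[i + 1:i + 2], "big") + 192
            i += 2
        else:                                 # five-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("truncated or malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]   # drop the critical bit
        i += length


def revocation_info(body):
    """Return (target, reason, comment) for a v4 revocation signature, else None."""
    # Parses only: a revocation counts only if the signature itself verifies.
    if len(body) < 6 or body[0] != 4:
        raise ValueError("not a version 4 signature packet body")
    if body[1] not in TARGETS:
        return None                           # ordinary signature, not a revocation
    hashed_len = int.from_bytes(body[4:6], "big")
    hashed = body[6:6 + hashed_len]
    if len(hashed) != hashed_len:
        raise ValueError("hashed subpacket area is truncated")
    for sp_type, data in subpackets(hashed):
        if sp_type == 29 and data:            # reason for revocation
            reason = REASONS.get(data[0], f"unknown code {data[0]}")
            return TARGETS[body[1]], reason, data[1:].decode("utf-8", "replace")
    return TARGETS[body[1]], REASONS[0], ""


def build_sample(sig_type, code, text):
    """Constructed input: packet header and hashed area only, no real signature."""
    hashed = bytes([5, 2]) + (1060080000).to_bytes(4, "big")     # creation time
    hashed += bytes([2 + len(text), 29, code]) + text            # reason subpacket
    return bytes([4, sig_type, 1, 2]) + len(hashed).to_bytes(2, "big") + hashed
```

The three cases the reply distinguishes map to codes 3 (key no longer used), 32 (user ID no longer valid) and 2 (key compromised).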