new (2003-11-30) keyanalyze results
David Shaw
dshaw at jabberwocky.com
Mon Dec 1 12:47:39 CET 2003
On Mon, Dec 01, 2003 at 11:30:30AM -0600, David Champion wrote:
> * On 2003.12.01, in <20031201150933.GA3184 at jabberwocky.com>,
> * "David Shaw" <dshaw at jabberwocky.com> wrote:
> > >
> > > Hmm. I wonder if somebody shouldn't just revoke them. (As proof that
> > > they are *really* vulnerable).
> >
> > Heh. I was waiting for someone to suggest this. I'm a little
> > surprised it took this long. ;)
> >
> > Using a compromised key to revoke a key out from under someone else
> > raises some interesting ethical questions. It's similar (though not
>
> I think it's pretty easy to call it "unethical" without much further
> consideration. It's the same as entering a protected system with an
> exploitable vulnerability and "fixing" it, without regard to what
> internal subsystems this "fix" breaks. There's always someone whose
> daily routine depends on something that's tangentially broken, who
> would be glad to fix it as soon as they're back in the office, or a
> maintenance window opens, or their grandmother's out of the hospital,
> or whatever. You might catch 20 people who simply know no better, but
> there's a 21st who critically cannot change at this moment.
Yep. Which is why notifications happened, rather than forced
revocations. This does mean there will be some keys that never get
revoked, but that is being handled on the GnuPG side by refusing to
use them. Users are free to not upgrade, but eventually there will be
nobody to talk to.
David
More information about the Gnupg-users
mailing list