new (2003-11-30) keyanalyze results

David Shaw dshaw at
Sun Nov 30 18:08:59 CET 2003

On Sun, Nov 30, 2003 at 05:33:01PM -0500, Jason Harris wrote:
> On Sun, Nov 30, 2003 at 10:52:25PM +0100, Ingo Klöcker wrote:
> > On Sunday 30 November 2003 21:33, Jason Harris wrote:
> > > New keyanalyze results are available at:
> > >
> > >
> > 
> > I wonder whether you excluded all ElGamal signing keys from the 
> > keyanalyze. Or do you rely on their owners to revoke them?
> They are not specifically excluded.  The (GPG-using) keyholders
> should revoke them as recommended in the recent security advisory,
> at which point they will be automatically excluded from keyanalyze.

According to the stats you sent earlier, only around 11% of Elgamal
sign+encrypt keys have been revoked.  21% are expired.  69% are still
usable.  (The numbers don't add up to 100 since some keys are both
revoked and expired, plus I'm rounding).

I hope that when 1.2.4 comes out there will be some more revocations
since there is nothing else that can be done with a type 20 key in
1.2.4.  Still, it is more likely that some of these are forgotten

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 330 bytes
Desc: not available
Url : /pipermail/attachments/20031130/23e6d577/attachment.bin

More information about the Gnupg-users mailing list