Wed Sep 3 20:42:01 2003
Content-Description: signed data
On Wednesday 03 Sep 2003 7:17 pm, David Shaw wrote:
> On Wed, Sep 03, 2003 at 06:47:30PM +0100, Neil Williams wrote:
> They must authorize it ahead of time - essentially this is a special
> signature added by the keyholder which authorizes a particular key to
> issue revocations. Note that the keyholder needs their secret key to
> issue the authorization, so designated revocation doesn't magically
> fix the problem of a lost secret key.
After reading a private reply to this post, it appears that the main proble=
is that some keyservers list the key as already revoked just because the=20
desig-revoke certificate is present.
Ooops. I can't afford for my key to appear revoked ahead of time.
(I looked at one of the hkp servers.)
> your designated revoker. If something happens to you, they can then
> revoke your key (which, presumably, you would be in no shape to do).
"Reports of my death have been greatly exaggerated."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----