desig-revoke
Neil Williams
linux@codehelp.co.uk
Wed Sep 3 20:42:01 2003
--Boundary-02=_cajV/bIiaG0Hsz5
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline
On Wednesday 03 Sep 2003 7:17 pm, David Shaw wrote:
> On Wed, Sep 03, 2003 at 06:47:30PM +0100, Neil Williams wrote:
> They must authorize it ahead of time - essentially this is a special
> signature added by the keyholder which authorizes a particular key to
> issue revocations. Note that the keyholder needs their secret key to
> issue the authorization, so designated revocation doesn't magically
> fix the problem of a lost secret key.
After reading a private reply to this post, it appears that the main proble=
m=20
is that some keyservers list the key as already revoked just because the=20
desig-revoke certificate is present.
Ooops. I can't afford for my key to appear revoked ahead of time.
(I looked at one of the hkp servers.)
> your designated revoker. If something happens to you, they can then
> revoke your key (which, presumably, you would be in no shape to do).
>
> David
:-)
"Reports of my death have been greatly exaggerated."
MT
=2D-=20
Neil Williams
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
http://www.codehelp.co.uk
http://www.dclug.org.uk
http://www.biglumber.com/x/web?qs=3D0x8801094A28BCB3E3
--Boundary-02=_cajV/bIiaG0Hsz5
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/VjaciAEJSii8s+MRAkkuAKCPpGxoV3C/tKCZNvHIkT1DJff6fwCgk0pP
cDdamXY7NduMb2JCZG/3dqE=
=07Km
-----END PGP SIGNATURE-----
--Boundary-02=_cajV/bIiaG0Hsz5--