revoked key

Atom 'Smasher' atom-gpg at suspicious.org
Tue May 18 20:07:43 CEST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 18 May 2004, Jason Harris wrote:
> On Mon, May 17, 2004 at 09:40:31AM -0400, Atom 'Smasher' wrote:
> > On Mon, 17 May 2004, Jerry Windrel wrote:

> > > Have you considered starting over with a brand new key that is not connected
> > > to a revoked key?
> > =======================
> >
> > yes, but doing it this way means that my old and new key remain compatible
> > with each other... i can sign something with the new key, and it still
> > verifies with my old key: someone can encrypt to my old key, and i can
> > decrypt with my new key. this also means that anyone who "trusts" the old
> > key should "trust" the new key, since it incorporates the old key.
>
> However, any signatures they issued to your old pubkey+userid(s) don't
> transfer when it is converted to a subkey.  While you retain the same
> key (material) which can be verified through the key fingerprint, you
> seem to be expecting people to verify that old pubkey fingerprint again
> and re-sign your new pubkey+userid(s) based on the keybinding signature(s)
> issued from your new pubkey.
=======================================

not a problem, since i didn't really collect any signatures on the old
key. i re-evaluated my needs for pgp, and the new key serves those needs
better than the old key... i decided that the sooner i switch, the sooner
i can start soliciting signatures for the new key.


> But, nobody should sign your new pubkey based on its subkeys, since
> this doesn't prove ownership of the old key material.
====================================

i'm not asking anyone to ~sign~ the key based on the incorporation of the
old key components, i'm asking people to trust it as much (or as little)
as they did previously. if someone wanted to sign the new key based on
their verification of the old key, that's up to them.


>  Anyone can claim those same subkeys as their own by binding them to a
> pubkey they control.  While they can't issue valid signatures from your
> "adopted" signing-capable [sub]keys, and while you could decrypt any
> intercepted traffic for them which was encrypted to your encryption-
> capable "adopted" [sub]keys, it may be enough to generate FUD regarding
> ownership of your key material.
=========================================

anyone can do that with any (sub)keys.

what would be hard to fake would be:
 * state the new key is valid and sign it with the old key
		(as my email signatures accomplish)
 * revoke the old key with a comment such as:
	This key has been superseded by:
	4096R 0x762A3B98A3C396C9C6B7582AB88D52E4D9F57808

both of those should keep FUD to a minimum. i've done both.


> As well, you'd be confusing the issue if you were to sign your new
> pubkey with your old pubkey (which is also your "new" subkey), which
> is the normal way to transfer trust from an old key to a new key.
=========================

there are arguments for and against that... but i don't plan on doing it.


> > if someone doesn't know that the old key is revoked, everything still
> > works fine. if they notice the revocation, they might also notice the
> > revocation comment that directs people to the new key.
>
> Indeed, but moving to an entirely new key that is signed by the old
> key is much simpler and less prone to error and misinterpretation.
============================

that could be... this is part of the experiment and remains to be seen ;)


	...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

                    _
                  _(_)_                          wWWWw   _
      @@@@       (_)@(_)   vVVVv     _     @@@@  (___) _(_)_
     @@()@@ wWWWw  (_)\    (___)   _(_)_  @@()@@   Y  (_)@(_)
      @@@@  (___)     `|/    Y    (_)@(_)  @@@@   \|/   (_)\
       /      Y       \|    \|/    /(_)    \|      |/      |
    \ |     \ |/       | / \ | /  \|/       |/    \|      \|/
    \\|//   \\|///  \\\|//\\\|/// \|///  \\\|//  \\|//  \\\|//
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -  http://atom.smasher.org/links/#digital_signatures

iEYEARECAAYFAkCqUPQACgkQnCgLvz19QePEKQCfTA9Ag4r/rY/2WOCElLBAYvtS
lnsAoIoUPCFaEx7b5XYuULlo72kjQ7SZ
=h+oe
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list