GD doesn't always accept revocations
David Shaw
dshaw at jabberwocky.com
Wed Feb 9 22:25:48 CET 2005
On Wed, Feb 09, 2005 at 04:14:51PM -0500, Jason Harris wrote:
> On Wed, Feb 09, 2005 at 03:32:57PM -0500, David Shaw wrote:
> > On Wed, Feb 09, 2005 at 03:26:19PM -0500, Jason Harris wrote:
>
> > > Obviously, the keyholder didn't heed the FAQ and has left 0x3EA5F9EF
> > > on the GD. Unless this is corrected, ldap://keyserver-beta.pgp.com
> > > will incorrectly serve the unrevoked version of the key for the next
> > > 6 months.
> >
> > Yes. I don't think this is the best design. I understand the desire
> > to keep revoked keys off of the GD, but it's not clear what to do in
> > this case (an unrevoked key on the GD is suddenly revoked).
>
> It needs only to verify the revocation and remove the key immediately.
Well, that's one possible answer. Why don't you suggest it to the GD
people?
> The key was revoked by the keyholder, so it cannot be re-added to the
> GD unless its revocation certificate is removed. This is very simple
> to do with a tool like gpgsplit, and is therefore an easy attack to
> perpetrate against the GD and keyholders of revoked keys. (I classify
> it as an attack because it gets the GD to send confirmation emails for
> "useless" keys, anyone answering the unencrypted challenges causes the
> GD to store "useless" keys, etc.)
>
> This also applies to expired (v4) keys, as long as at least one (earlier)
> selfsig didn't expire the key.
Why go through a lot of bother to find an expired or revoked key which
you then manipulate into being acceptable? Just make a brand new key
with your victim's email address and submit that. It's the same
result.
David
More information about the Gnupg-users
mailing list