GD doesn't always accept revocations

David Shaw dshaw at jabberwocky.com
Thu Feb 10 00:29:28 CET 2005


On Wed, Feb 09, 2005 at 05:38:46PM -0500, Jason Harris wrote:
> On Wed, Feb 09, 2005 at 04:25:48PM -0500, David Shaw wrote:
> > On Wed, Feb 09, 2005 at 04:14:51PM -0500, Jason Harris wrote:
> 
> > > It needs only to verify the revocation and remove the key immediately.
> > 
> > Well, that's one possible answer.  Why don't you suggest it to the GD
> > people?
> 
> If this isn't already self-evident to them...

Maybe it is, and maybe it isn't.  If you just want to complain, then I
guess you're all set.  If you want something actually fixed you should
tell them.

> > Why go through a lot of bother to find an expired or revoked key which
> > you then manipulate into being acceptable?  Just make a brand new key
> > with your victim's email address and submit that.  It's the same
> > result.
> 
> For one thing, anyone who followed the GD FAQ and simply removed a key
> from the GD without revoking it in their own keyring may be duped into
> confirming the fingerprint of a key they once used and probably still
> have.  The key may or may not be expired, but their encryption client
> definitely can't heed a revocation that was never generated.

That sounds like a lot of 'ifs' to me.  Sure, if you can dupe them
into doing something stupid, and if that key had been revoked before,
and if they then removed it from the GD, and if they had forgotten
they had done so, then maybe you have an attack?

It's always possible to come up with an attack if you get to use
enough 'ifs'.

David
