shavital at mac.com
Tue Apr 17 16:32:06 CEST 2007
John W. Moore III wrote the following on 4/17/07 3:51 PM:
> If You are unable to Revoke the former Key then by all means; Generate a
> New Key (and create a standby Revoke cert) and Publish this Key *AND*
> notify every critical correspondent of the new Key! Still, those folks
> who Search for your Key via Email Address may send You encrypted Email
> using the Former/Compromised Key. (Shake Head sadly and mutter, "Ah Shit")
> I suggest You Move On (sadder but wiser) and accept that that You have
> made a common misstep on the path to Secure Communication.
If I may add one piece of "cobbler's approach" to the perfectly correct
advice given by John.
There is a most inelegant way to warn the folks worldwide that your
previous key is unusable: when you generate your new key, and get to the
"Comment" phase, you might insert something like "Key ID 0x5E6CBE2D
unusable", if 0x5E6CBE2D is the key whose passphrase you have lost.
Like I said, the cobbler's approach.
More information about the Gnupg-users