'sensitive' designated revoker -- are the keyservers still aware?
Atom Smasher
atom at smasher.org
Thu Feb 1 23:14:22 CET 2007
On Thu, 1 Feb 2007, vedaal at hush.com wrote:
> why must the identity be revealed at all, if the key-owner who
> designated the revoker doesn't want it to be?
>
> it doesn't add to the security to know who revoked it, (whoever it as,
> it was someone the 'key-owner' decided it should be) it only compromises
> the revoker and/or key owner, as the revoker may become a target to
> revoke the original key-owner's replacement key
============================
if that's a concern... bob wants to designate alice as a revoker, but bob
[or alice] doesn't want to reveal that alice is the desiganted revoker,
even if his key is revoked. the solution is for bob to generate a
revocation certificate, encrypt it to alice, and send it to alice with
instructions about if/when to publish it. this basically serves the same
purpose, but doesn't necessarily reveal that alice was the designated
revoker.
a variation could break the revocation certificate into shares, requiring
any number of "secret revokers" to assemble the revocation certificate.
--
...atom
________________________
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"They tell us that we live in a great free republic;
that our institutions are democratic; that we are
a free and self-governing people. That is too much,
even for a joke. Wars throughout history have been
waged for conquest and plunder. And that is war in
a nutshell. The master class has always declared
the wars; the subject class has always fought the
battles."
-- Eugene V. Debs, 1918
More information about the Gnupg-users
mailing list