Revoke a key - What is with the decrypted messages?
John W. Moore III
jmoore3rd at bellsouth.net
Fri Nov 23 21:31:19 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
> Just a maybe picky question:
> Does "stops new use" mean absolutely, like mechanical
> prevention, stops new use, or does it mean something like
> "stops by a social process", ie like knowledgeable users
> won't use it anymore?
> On Fri, 23 Nov 2007, David Shaw wrote:
> . . .
>> . . . Revoking the key only
>> stops new use of the key - old messages are still okay.
In this context it will mean "like mechanical prevention" but only for
those Users who have Updated Your Key with the Revocation on their
Keyring. GnuPG will _not_ Encrypt to a revoked Public Key.
However, if You never tell Me that You have revoked the Key and it is on
My Keyring and I Encrypt My annual Christmas Email to You using that Key
then it will not show Revoked on My Keyring and You will not be able to
read My Greetings unless You have kept the Secret Key for the revoked
Key on Your Keyring. This assumes that I have been too lazy to
'Refresh' Your Key from the Servers prior to writing My yearly missive.
An easy method for handling this is to also send the Revocation
Certificate to all Your correspondents in addition to Sending the
Revoked Key to the Keyservers. I would then recommend keeping a copy of
the Revoked Key available somewhere prior to deleting it 'just in case'
You ever receive a message Encrypted to it from someone You forgot to
Timestamp: Friday 23 Nov 2007, 15:30 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8-svn4622: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: https://www.gswot.org
Comment: My Homepage: http://tinyurl.com/yzhbhx
Comment: MySpace Page: http://www.myspace.com/jmoore3rd
-----END PGP SIGNATURE-----
More information about the Gnupg-users