Transferring identity to a new public key

Avi avi.wiki at gmail.com
Mon Feb 16 16:28:42 CET 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

If I recall correctly, when generating the revocation
certificate, you have an option to choose why the certificate is
being generated, and one choice is "key compromised".

- --Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.71

iF4EAREKAAYFAkmZhiEACgkQDWKwGfgOKfmcEQD/TSf6qX4hdnh7M+P2xQswvGfb
IjLrq5KuJOeSztcjSJYA/AnoeBZE/zI8HnbM7R23miBMuzk5KU4Oh6KmTyBCSzJB
=Gt1V
-----END PGP SIGNATURE-----

----
en:User:Avraham

pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.wiki at gmail.com
>
  Primary key fingerprint: 167C 063F 7981 A1F6 71EC  ABAA 0D62 B019 F80E
29F9


---------- Forwarded message ----------
> From: Jonas Islander <m534c.subscribe at gmail.com>
> To: gnupg-users at gnupg.org
> Date: Mon, 16 Feb 2009 12:10:32 +0100
> Subject: Transferring identity to a new public key
> When you suspect your private key may be compromised, it's obvious
> that you should revoke the key pair, upload your revocation to the key
> servers, and generate a new pair. But what is "best practice" for
> telling people about your new public key - transferring your identity
> to it, so to speak?
>
> Is there any point in adding a self-signed ID saying "Key compromised
> - please use key with fingerprint xxxxxxxxx instead" before revoking?
>
> I'm thinking it's pointless, since an attacker could do the same, and
> use it to transfer someone's identity to a new public key, which the
> rightful owner cannot revoke.
>
> Am I right in thinking that anyone seeing a user ID of the form
> "Please use key with fingerprint xxxxxxxxx instead" should ignore it
> (since it may be an attempt to permanently steal someone's identity)?
>
> Am I right in thinking that someone whose key may be compromised,
> should simply revoke it and start over from scratch with a new key
> pair, proving their identity to each and every person signing it?
>
>
> Similarly, if you believe your private key may be compromised, is
> there any point in sending signed messages to everyone who has signed
> your old public key, asking them to also sign your new one?
>
> I believe it's pointless, since the message could just as well be from
> an attacker, and that anyone receiving such a message should refuse to
> sign the new keys (and insist the sender prove their identity another
> way). Am I right in thinking this?
>
> I've looked for answers to these questions, but most discussions about
> transferring identity to new keys seem to deal with the situation
> where someone has accidentally deleted their private key or forgotten
> their passphrase, not the situation where the private key is still
> accessible.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20090216/0e104c2e/attachment.htm>

More information about the Gnupg-users mailing list