KEYSERVER; Trust Model

Mike Acker Mike_Acker at charter.net
Mon Mar 21 12:55:51 CET 2011


On 03/21/2011 07:37, Jonathan Ely wrote:
> I meant to not say automatic because you are right. I went inside the
> details and activate the import option. Now it says ‘untrusted good
> signature’ as it should. That is much easier than searching for a key
> and saves time.
>
> Why upload a revocation certificate to public servers? Does not that
> file render your public and secret key pair unuseable? I never heard of
> somebody uploading their revocation certificate anywhere.
btw, the gnupg user list would like you to add a cc to the list on these
messages. they can probably get all of it from the quoted text blocks
but nonetheless the list would like us to share properly

in answer to your question: if you are administering keys for a group,
say 20 or more people and you have members who come and go -- you may
need to revoke a signature

for example, let's say Tom Newguy joins our group. how do we tell the
current member of the group and provide them with a certified copy of
Tom's key?

what do we do when Tom leaves the group?

Let's start at the beginning: Tom is joining our group today. I have
signed for his key. I am going to use the send key by email option of
Thunderbird's OpenPGP Key management dialog to send his key. If this is
done right you will be able to accept his key directly from his e/mail.
Let me know how this goes. Alternately I could send his key to the
server but I don't want to clutter the server with a junk key.

let me know what happens

-- 
/MIKE


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110321/5a6ac8c7/attachment.pgp>


More information about the Gnupg-users mailing list