invalid gpg key revocation

Robert J. Hansen rjh at sixdemonbag.org
Mon Mar 5 18:26:59 CET 2012


On 3/5/12 12:12 PM, auto15963931 at hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.

Whenever anyone ascribes 99.9% certainty to a belief, my knee-jerk
reaction is to think the only 99.9% certainty is they've got the wrong
confidence interval.  :)

There are really only a few possibilities here:

1.  User error.  You did it yourself by accident and didn't realize
    it.
2.  Someone has access to your private key and passphrase and
    revoked your user ID.
3.  GnuPG has a critical, showstopper bug.
4.  The algorithm you used has a critical cryptographic flaw that
    someone exploited.

I can't tell you how likely #1 or #2 are, but #s 3 and 4 both seem like
fairly low-probability events.  I would begin by checking to see if
either #1 or #2 is in fact the case.  If you want me to believe #3 or
#4 is the case, you're first going to have to convince me it could not
have been #1 or #2.

I'll let other people answer the question of what data can be pulled out
of a revocation signature: this is a part of the spec I'm not entirely
up on.  It's possible someone's got some way to do interesting forensics
on revocations that I don't know about.  :)
