invalid gpg key revocation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Mar 5 19:12:06 CET 2012
On 03/05/2012 12:12 PM, auto15963931 at hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
> If they had, I have to believe that there would have been more
> damage done than this, and that does not appear to have happened. I
> mention the details, which may seem irrelevant, only because
> sometimes the devil is in the details. This event has in fact
> occurred, and I need to figure out how to explain it and prevent
Without pointing to the key in question and the associated revocation
certificate, there isn't much that folks on this list can do to help
you. Can you post a link to the key, or attach it to e-mail here? or
publish it to the public keyservers, and refer to it by keyID?
If you aren't willing to share the key publicly for other folks to take
a look at, you might want to review the revocation certificate to be
learn a few things:
* what key issued the revocation certificate?
* when was the revocation issued (according to its internal timestamp)?
* what cryptographic algorithms were used by the revocation
* were the cryptographic bits correct?
* what was the encoded reason for revocation?
You might find some clues to the above by exporting the key from your
public keyring and piping it to gpg --list-packets:
gpg --export $keyid | gpg --list-packets
FWIW, if someone did compromise your secret key material, creating a
revocation certificate for your key is possibly the nicest thing they
could do with it.
More information about the Gnupg-users