invalid gpg key revocation

Ingo Klöcker kloecker at kde.org
Mon Mar 5 22:36:42 CET 2012


On Sunday 04 March 2012, Robert J. Hansen wrote:
> On 3/4/2012 4:13 PM, auto15963931 at hushmail.com wrote:
> > Hello. Supposing I create a key with an arbitrary user ID...
> 
> This seems to me to be a simple question wrapped up in a lot of
> unnecessarily specific details: "How is it possible for a
> non-authorized person to revoke a user ID?"
> 
> 	1.  Mathematical weakness in the underlying
> 	    algorithms (unlikely but possible)
> 	2.  Critical bug in GnuPG (unlikely but possible)
> 	3.  Someone's swiped your private key (disturbingly
> 	    possible)

4. He has left his laptop unlocked and unattended for a very short 
period of time and he is using gpg-agent with a cache-ttl > 0.

I have verified that one can generate a revocation certificate without 
entering a passphrase if one has previously signed something (e.g. an 
email). So, it was probably just a very nasty prank.

Maybe gpg shouldn't use the cached signing passphrase (or any cached 
passphrase) for generating a revocation certificate.


Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120305/3e5fb0fe/attachment.pgp>


More information about the Gnupg-users mailing list