
Key revoking
I'm trying to figure out how key revoking works. The manual explains
all the relevant GnuPG options, but not the whole procedure.

1. The manual tells how to generate a revocation certificate
(--gen-revoke). What is it that gets spit out? It says "PGP PUBLIC
KEY BLOCK", and the comment says "A revocation certificate should
follow", which would seem to imply that perhaps this isn't the
certificate itself.

1a. Once I have a revocation certificate, how do I use it? Suppose
I've lost my secret key and want to revoke it. What should I do with
the certificate? I tried, for example, submitting the output of
--gen-revoke to a keyserver, but it rejects it.

2. I figured out how to revoke a key using the `revkey' command in
--edit-key. And indeed, once I do that, attempts to encrypt to that
user give a warning. However, signatures still seem to be perfectly
fine. I.e. I sign a file and then revoke the key (selecting key 1),
but even then doing --verify on the file reports that it's okay. Is
this intentional? It would seem, then, that if my key gets
compromised, nothing stops the bad guy from forging messages in my
name.

I'd appreciate an email CC on responses if convenient, as I'm not on
the mailing list and may miss it in checking the archives.

Thanks in advance.

--

Nate Eldredge
neldredge@hmc.edu
Re: Key revoking
On Sun, 13 Feb 2000, Nate Eldredge wrote:

Hi!

> 1. The manual tells how to generate a revocation certificate
> (--gen-revoke). What is it that gets spit out? It says "PGP PUBLIC
> KEY BLOCK", and the comment says "A revocation certificate should
> follow", which would seem to imply that perhaps this isn't the
> certificate itself.

This _is_ the revocation certificate.

> 1a. Once I have a revocation certificate, how do I use it? Suppose

You only have to send it to the keyserver nearest to you.

> I've lost my secret key and want to revoke it. What should I do with
> the certificate? I tried, for example, submitting the output of
> --gen-revoke to a keyserver, but it rejects it.

Are you trying to send an ascii armored certificate or a binary
certificate? Try the option --armor

Cheers,
Thomas
--
Thomas Bader <thomasb@trash.net>, Powered by LINUX 2.2
Information and tips on Linux, HOWTOs of the DLHP <http://www.trash.net/~thomasb/>
==> A Unix shell account (everything included) is available at http://www.trash.net
Re: Key revoking
On Sun, 13 Feb 2000, Nate Eldredge wrote:

> 1. The manual tells how to generate a revocation certificate
> (--gen-revoke). What is it that gets spit out? It says "PGP PUBLIC
> KEY BLOCK", and the comment says "A revocation certificate should
> follow", which would seem to imply that perhaps this isn't the
> certificate itself.

Frankly it is not a complete key but only the certificate. OpenPGP
mandates that this should be a key with the revocation certificate.
I decided not to emit this because this way you can print it out and
type it in if you ever need it.

The Horowitz keyservers (pgp.net) should now all accept these
standalone revocations. Don't know about NAI's certserver.

Making a real valid revocation is however trivial: import the
revocation into your keyring using GnuPG and then do a regular export
or --send-keys.

> fine. I.e. I sign a file and then revoke the key (selecting key 1),
> but even then doing --verify on the file reports that it's okay. Is

If you use the defaults in key generation, then key(1) is the
encryption key and you used the primary key to create the signature.
A primary key can only be revoked using the --gen-revoke command.

> I'd appreciate an email CC on responses if convenient, as I'm not on
> the mailing list and may miss it in checking the archives.


Werner
Re: Key revoking
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 13 Feb 2000, Nate Eldredge wrote:
> I'm trying to figure out how key revoking works. The manual explains
> all the relevant GnuPG options, but not the whole procedure.

Yes, it explains how to generate the revocation certificate but not
when to or the consequences of applying the certificate. I've put
this on the todo list.

> 1. The manual tells how to generate a revocation certificate
> (--gen-revoke). What is it that gets spit out? It says "PGP PUBLIC
> KEY BLOCK", and the comment says "A revocation certificate should
> follow", which would seem to imply that perhaps this isn't the
> certificate itself.

It is the certificate.

> 1a. Once I have a revocation certificate, how do I use it? Suppose
> I've lost my secret key and want to revoke it. What should I do with
> the certificate? I tried, for example, submitting the output of
> --gen-revoke to a keyserver, but it rejects it.

If you import it, and the public key that it revokes is on your keyring,
your copy of the public key will be revoked.

> 2. I figured out how to revoke a key using the `revkey' command in
> --edit-key. And indeed, once I do that, attempts to encrypt to that
> user give a warning. However, signatures still seem to be perfectly
> fine. I.e. I sign a file and then revoke the key (selecting key 1),
> but even then doing --verify on the file reports that it's okay. Is
> this intentional? It would seem, then, that if my key gets
> compromised, nothing stops the bad guy from forging messages in my
> name.

When you sign, you use your private key, and that is not what gets
revoked. So yes, nothing stops the bad guy from forging messages if he
can bypass the encryption protecting your private key.

When the public key is revoked using the revocation certificate, however,
then signatures made *after* the revocation will be flagged as invalid
when checked against the revoked public key. Signatures made before
the revocation will be checked normally.

Typically, you revoke your own copy of your public key using your
revocation certificate and then distribute the revoked public key as
best you can. The problem is distributing your revoked public key fast
enough and far enough. A bad guy could fool your friends before your
friends get a copy of the revoked public key.

It's a social key management problem.

Mike

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAji32dMACgkQBwMqlokEyOJHNQCfbupR2/ikmvH2+Q82ER4D8jjO
pMYAoLz4gRkNCOcsPqWv9GbPA/eSZyBt
=RL8Y
-----END PGP SIGNATURE-----
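The procedure Werner describes (import the revocation certificate, then export or --send-keys the key) and the effect on encryption and signature checking that Mike describes, run end to end in a throwaway keyring so it can be repeated on any machine. This is an added example, not code from the thread, from GnuPG or from the people posting; it assumes a GnuPG 2.1 or later `gpg` on PATH, and the user id, message text and file names are constructed for the demo. It answers --gen-revoke's prompts from stdin, falls back to the certificate GnuPG 2.1+ writes at key creation if that cannot run in the current environment, and then uses gpg's own packet dumper to show what Werner's reply says: the --gen-revoke output is a single signature packet of class 0x20 with no key packet, and only after importing it does --export carry the key together with that revocation.

```shell
#!/bin/sh
# Added example, not code from the thread or from GnuPG. Assumes GnuPG 2.1+
# as `gpg` on PATH. User id and message text are constructed for the demo.
set -eu

DEMO_UID="Revocation Demo <revoke-demo@example.invalid>"   # constructed

# Scratch home so the real keyring is never touched; the agent gpg starts
# for it is shut down at exit.
GNUPGHOME=$(mktemp -d)
export GNUPGHOME
trap 'gpgconf --kill gpg-agent >/dev/null 2>&1 || true; rm -rf "$GNUPGHOME"' EXIT
cd "$GNUPGHOME"

# Non-interactive gpg with an unprotected key, so nothing prompts.
gpgq() { gpg --batch --yes --pinentry-mode loopback --passphrase '' "$@"; }

# Create the demo key (primary for signing, subkey for encryption, the
# default layout discussed in the thread) and print its primary fingerprint.
make_key() {
    gpgq --quiet --quick-generate-key "$DEMO_UID" default default never >&2
    gpg --batch --with-colons --list-keys "$DEMO_UID" \
        | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Run --gen-revoke with its prompts answered from stdin: create it? y,
# reason 0 = "No reason specified", empty description, is this okay? y.
# If that cannot run here, fall back to the certificate GnuPG 2.1+ wrote at
# key creation; it is guarded by a ':' before the BEGIN line that must be
# removed before it can be imported.
gen_revoke_cert() {   # $1 = fingerprint, $2 = output file
    printf 'y\n0\n\ny\n' | gpg --no-tty --yes --command-fd 0 --status-fd 2 \
        --pinentry-mode loopback --armor --output "$2" --gen-revoke "$1" \
        2>/dev/null || true
    if [ ! -s "$2" ]; then
        sed 's/^:-----BEGIN/-----BEGIN/' "$GNUPGHOME/openpgp-revocs.d/$1.rev" > "$2"
    fi
}

# Count packets of one kind (as named by --list-packets) in an OpenPGP file.
count_packets() {   # $1 = file, $2 = e.g. "signature" or "public key"
    gpg --batch --list-packets "$1" 2>/dev/null | grep -c "^:$2 packet:" || true
}

# Count signatures of one class; 0x20 is a key revocation signature.
count_sigclass() {   # $1 = file, $2 = class, e.g. 0x20
    gpg --batch --list-packets "$1" 2>/dev/null | grep -c "sigclass $2" || true
}

# Validity letter of the primary key in --with-colons output ('r' = revoked).
key_validity() {   # $1 = fingerprint
    gpg --batch --with-colons --list-keys "$1" 2>/dev/null \
        | awk -F: '$1 == "pub" { print $2; exit }'
}

# "ok" if gpg will encrypt to the key, "refused" if it rejects it as unusable.
try_encrypt() {   # $1 = fingerprint, $2 = plaintext file
    if gpgq --trust-model always --recipient "$1" --encrypt \
           --output "$2.gpg" "$2" 2>/dev/null; then echo ok; else echo refused; fi
}

# Signature status token: GOODSIG for a good signature by a usable key,
# REVKEYSIG for a good signature whose key has since been revoked.
verify_status() {   # $1 = detached signature, $2 = signed file
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null \
        | awk '$1 == "[GNUPG:]" && $2 ~ /^(GOODSIG|REVKEYSIG|EXPKEYSIG|BADSIG|ERRSIG)$/ { print $2; exit }'
}

run_demo() {
    FPR=$(make_key)
    printf 'constructed message for the revocation demo\n' > msg.txt
    gpgq --local-user "$FPR" --armor --detach-sign --output msg.asc msg.txt

    gen_revoke_cert "$FPR" revoke.asc
    REVCERT_SIGS=$(count_packets revoke.asc signature)
    REVCERT_KEYS=$(count_packets revoke.asc "public key")
    REVCERT_CLASS20=$(count_sigclass revoke.asc 0x20)

    BEFORE_VALIDITY=$(key_validity "$FPR")
    BEFORE_ENCRYPT=$(try_encrypt "$FPR" msg.txt)
    BEFORE_VERIFY=$(verify_status msg.asc msg.txt)

    # Apply the certificate to the local copy of the public key.
    gpg --batch --import revoke.asc 2>/dev/null

    AFTER_VALIDITY=$(key_validity "$FPR")
    AFTER_ENCRYPT=$(try_encrypt "$FPR" msg.txt)
    AFTER_VERIFY=$(verify_status msg.asc msg.txt)

    # What --export (or --send-keys) now produces: the key with the
    # revocation attached, which is what a keyserver expects to receive.
    gpg --batch --armor --export "$FPR" > revoked-key.asc
    EXPORT_KEYS=$(count_packets revoked-key.asc "public key")
    EXPORT_CLASS20=$(count_sigclass revoked-key.asc 0x20)
}

run_demo
printf 'gen-revoke output: %s signature packet(s), %s public key packet(s), %s of class 0x20\n' \
    "$REVCERT_SIGS" "$REVCERT_KEYS" "$REVCERT_CLASS20"
printf 'before import: validity=%s encrypt=%s verify=%s\n' \
    "$BEFORE_VALIDITY" "$BEFORE_ENCRYPT" "$BEFORE_VERIFY"
printf 'after import:  validity=%s encrypt=%s verify=%s\n' \
    "$AFTER_VALIDITY" "$AFTER_ENCRYPT" "$AFTER_VERIFY"
printf 'export now carries: %s public key packet(s), %s revocation signature(s)\n' \
    "$EXPORT_KEYS" "$EXPORT_CLASS20"
```

Run it with `sh`; it prints a before/after summary. Two things worth noticing in the output. Encryption to the key is refused outright once the revocation is imported, but the detached signature made earlier is still cryptographically good: gpg reports it with the REVKEYSIG status token instead of GOODSIG and prints a warning that the key has been revoked. A caller that only checks "did the signature verify" will therefore not notice the revocation; it has to look at that status line (or at the key's validity) and decide what to do, which is the situation Mike's reply describes.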