Mailing List Archive

Revoking a Lost Key
Is there any way to revoke an OLD LOST PGP key? I no longer have either
the public or private keys but can find the KeyID. I'm guessing not but
figured I'd ask just in case.

Thanks


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
I wouldn't think you would want to be able to do that. If it can be done
without the private key, then I can revoke your key for you... :-)

-C

On 2/5/2020 3:59 PM, Mark wrote:
> Is there any way to revoke an OLD LOST PGP key? I no longer have either
> the public or private keys but can find the KeyID. I'm guessing not but
> figured I'd ask just in case.
>
> Thanks

Re: Revoking a Lost Key
On Wed, Feb 05, 2020 at 03:59:01PM -0700, Mark wrote:
>Is there any way to revoke an OLD LOST PGP key? I no longer have either
>the public or private keys but can find the KeyID. I'm guessing not but
>figured I'd ask just in case.

The revocation certificate needs to be signed by the private key, so
without the private key it is indeed not possible.

It is possible to ask a third party to revoke your key in your stead,
but only if you have previously made said third party a "designated
revoker" (something that needs to be done in advance, when you still
have the private key).

Since you cannot revoke, the only thing you may try is asking some of
the people who certified your lost key (if any) to revoke their
certification of your key.

Cheers,

- Damien
Re: Revoking a Lost Key
* Mark:

> Is there any way to revoke an OLD LOST PGP key? I no longer have either
> the public or private keys but can find the KeyID.

As you guessed, it is not possible, because you require the private key
in order to create a revocation. That's why it is recommended to create
revocations (and store them safely and separately) right after
creating new keys, just for the case you describe, i.e. not having
access to the original key material later on.

-Ralph
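
The advice in the reply above, worked through as an added example (not part of the thread): a revocation certificate saved at key-creation time still revokes the key after the private key is gone. It assumes GnuPG 2.1 or later, which writes the certificate to `openpgp-revocs.d` automatically; the identity, the temporary keyrings and the function name `demo_saved_revocation` are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: throwaway keyrings and a constructed identity only.
# Assumes GnuPG 2.1+, which writes a revocation certificate at key creation.

demo_saved_revocation() {
    local work owner other fpr rev state
    work=$(mktemp -d) || return 1
    owner="$work/owner"; other="$work/other"
    mkdir -m 700 "$owner" "$other" || return 1

    # 1. Create a key (empty passphrase only because this is a demo).
    gpg --homedir "$owner" --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-generate-key 'Demo User <demo@example.invalid>' \
        || return 1
    fpr=$(gpg --homedir "$owner" --batch --with-colons --list-keys |
          awk -F: '$1 == "fpr" { print $10; exit }')

    # 2. Keep the public key and the revocation certificate somewhere
    #    separate from the private key. GnuPG prefixes the armor header in
    #    the .rev file with ':' so it cannot be imported by accident.
    rev="$work/$fpr.rev"
    cp "$owner/openpgp-revocs.d/$fpr.rev" "$rev" || return 1
    gpg --homedir "$owner" --batch --armor --export "$fpr" > "$work/pub.asc"

    # 3. Simulate the loss: the private key and its keyring are gone.
    gpgconf --homedir "$owner" --kill gpg-agent 2>/dev/null || true
    rm -rf "$owner"

    # 4. On any machine holding just the public key, strip the ':' guard
    #    and import the certificate. No private key is involved.
    gpg --homedir "$other" --batch --quiet --import "$work/pub.asc" || return 1
    sed 's/^:-----BEGIN/-----BEGIN/' "$rev" |
        gpg --homedir "$other" --batch --quiet --import || return 1

    # 5. Field 2 of the "pub" record is "r" once the key is revoked.
    state=$(gpg --homedir "$other" --batch --with-colons --list-keys "$fpr" |
            awk -F: '$1 == "pub" { print $2; exit }')
    rm -rf "$work"
    printf '%s\n' "$state"
}
```

The saved certificate is as powerful as the private key for this one purpose, which is why it belongs in separate, safe storage: anyone holding it can revoke the key.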

Re: Revoking a Lost Key
I know there is a HUGE downside to being able to do that and guessed that
is why it is not possible.

On 2/5/2020 4:07 PM, Chris DeYoung wrote:
> I wouldn't think you would want to be able to do that. If it can be
> done without the private key, then I can revoke your key for you... :-)
>
> -C
>
> On 2/5/2020 3:59 PM, Mark wrote:
>> Is there any way to revoke an OLD LOST PGP key? I no longer have either
>> the public or private keys but can find the KeyID. I'm guessing not but
>> figured I'd ask just in case.
>>
>> Thanks

Re: Revoking a Lost Key
I figured it was not possible but just wanted to double check. It is an
OLD key from the 90s attached to an email address for an ISP that no
longer exists so it's not really used. IF it was possible I would revoke
it but since it is not, it will just live out there forever.

On 2/5/2020 4:37 PM, Damien Goutte-Gattat wrote:
> On Wed, Feb 05, 2020 at 03:59:01PM -0700, Mark wrote:
>> Is there any way to revoke an OLD LOST PGP key? I no longer have either
>> the public or private keys but can find the KeyID. I'm guessing not but
>> figured I'd ask just in case.
>
> The revocation certificate needs to be signed by the private key, so
> without the private key it is indeed not possible.
>
> It is possible to ask a third party to revoke your key in your stead,
> but only if you have previously made said third party a "designated
> revoker" (something that needs to be done in advance, when you still
> have the private key).
>
> Since you cannot revoke, the only thing you may try is asking some of
> the people who certified your lost key (if any) to revoke their
> certification of your key.
>
> Cheers,
>
> - Damien

Re: Revoking a Lost Key
These were keys created in the 90s on probably 3 computers ago. I looked
through some old CDs that I had laying around but they didn't have the
saved keys. I don't use these keys anymore and haven't in over a decade.
In fact the email address and even the entire ISP are long gone now.  I
was just thinking if I could revoke them I would but it doesn't look
like that is possible.


On 2/5/2020 4:38 PM, Ralph Seichter via Gnupg-users wrote:
> * Mark:
>
>> Is there any way to revoke an OLD LOST PGP key? I no longer have either
>> the public or private keys but can find the KeyID.
> As you guessed, it is not possible, because you require the private key
> in order to create a revocation. That's why it is recommended to create
> revocations (and store them safely and separately) right after
> creating new keys, just for the case you describe, i.e. not having
> access to the original key material later on.
>
> -Ralph

Re: Revoking a Lost Key
On 2/6/20 09:41, Mark wrote:
> These were keys created in the 90s on probably 3 computers ago. I looked
> through some old CDs that I had laying around but they didn't have the
> saved keys. I don't use these keys anymore and haven't in over a decade.
> In fact the email address and even the entire ISP are long gone now.  I
> was just thinking if I could revoke them I would but it doesn't look
> like that is possible.

If the email address is dead, I wouldn't worry about that. I have old
keys out there with FidoNet addresses on them, as well as
cypherpunk-style remailer keys I forgot to revoke before shutting down
the remailer and wiping the system. Stuff happens.

--
Shawn K. Quinn <skquinn@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com

Re: Revoking a Lost Key
I can't even remember what program I used to create them. I think it was
when Symantec first started with the PGP program and was beta testing
it. Anything that the keys encrypted is long gone anyway so not a huge
loss. I just would have "properly dealt" with them if possible. I didn't
think so, but figured I'd ask just in case.

I remember the old FidoNet days. I was involved with QWK mail reader way
back then.

On 2/6/2020 9:50 AM, Shawn K. Quinn via Gnupg-users wrote:
> On 2/6/20 09:41, Mark wrote:
>> These were keys created in the 90s on probably 3 computers ago. I looked
>> through some old CDs that I had laying around but they didn't have the
>> saved keys. I don't use these keys anymore and haven't in over a decade.
>> In fact the email address and even the entire ISP are long gone now.  I
>> was just thinking if I could revoke them I would but it doesn't look
>> like that is possible.
> If the email address is dead, I wouldn't worry about that. I have old
> keys out there with FidoNet addresses on them, as well as
> cypherpunk-style remailer keys I forgot to revoke before shutting down
> the remailer and wiping the system. Stuff happens.
>
