Silly pgp/gpg revocation certificate. How does one publish one?
Joe(theWordy)Philbrook
jtwdyp at ttlc.net
Tue May 18 19:48:33 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello fedora gpg users... I know your out there, I've seen the clues.
Once before I almost started to use pgp... But of all the people I
corresponded with, only one would use it. And I wasn't doing anything I
felt needed encryption anyway. BUT in todays age of identity theft, I'd
like to establish a precedence of securing my communications by at
least signing them. So I looked into gpg, and this time the docs made a
little more sense...
So off I went and made me a new key pair. (I remembered having and old
one that I didn't want to use anymore, (I'm not sure I've kept the
private key secure enough) But I extracted said disused key pair from
archive, and imported it to my new gpg ring so I could issue a
revocation certificate. The GPG docs warn that ANYBODY can publish one
so to treat it carefully. But I didn't find an obvious how-to on
revocation...
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> Comment: A revocation certificate should follow
>
> iFMEIBECABMFAkCpMs4MHQBmdXR1cmUgdXNlAAoJEGgBnJz17aybmIMAoJ92y5gT
> KhfuQjcSwukXUlnTh/iyAKCHjYajtRp+R1WEo/TR7UvcW474sQ==
> =2NeG
> -----END PGP PUBLIC KEY BLOCK-----
But when I tried to feed this to the key server.
> Public Key Server -- Add
>
> Key block in add request contained no new
> keys, userid's, or signatures.
> Your key block contained 1 format errors,
> which were treated as if the erroneous elements
> hadn't been part of your submission.
> The last error was on key 0x00000073:
> Key block corrupt: signature without key
Yet when I selected the:
> Remove a key
> Search String:_F5EDAC9B_______________________[remove the key!]
at the bottom of http://pgpkeys.mit.edu/
What I get is.
> MIT PGP Public Key Server
> Frequently Asked Questions
> Before you send mail with a question, please check that it isn't already
> answered below.
>
> 1.
> Can you delete my key from the key server?
> No, we cannot remove your key from the key server. When
> you submit a key to our key server the key is also
> forwarded to other key servers around the world, and they
> in turn forward the key to still other servers. Deleting
> the key from our server would not cause it to be deleted
> from any of the other servers in the world and so this is
> not an effective way to ensure the discontinued use of
> your key.
That makes sense. And is why I made the revocation certificate in the
first place...
Help?
- --
| ? ?
|
| -=- -=- I'm NOT clueless...
| <?> <?> But I just don't know.
| ^ Joe (theWordy) Philbrook
| --- J(tWdy)P
| <jtwdyp at ttlc.net>
| ? ?
#####################################################################
# You can find my public gpg key at http://members.ttlc.net/~jtwdyp #
#####################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAqmgoRZ/61mwhY94RAhEiAKCJl8D2dVoyPmWbQk/oBuhqgBB08gCfWyc8
6HxAlSHfnSoh6ycPvKMkt94=
=QWSy
-----END PGP SIGNATURE-----
More information about the users
mailing list