Silly pgp/gpg revocation certificate. How does one publish one?

Joe(theWordy)Philbrook jtwdyp at ttlc.net
Tue May 18 19:48:33 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 Hello fedora gpg users... I know your out there, I've seen the clues.

Once before I almost started to use pgp... But of all the people I
corresponded with, only one would use it. And I wasn't doing anything I
felt needed encryption anyway. BUT in todays age of identity theft, I'd
like to establish a precedence of securing my communications by at
least signing them. So I looked into gpg, and this time the docs made a
little more sense...

So off I went and made me a new key pair. (I remembered having and old
one that I didn't want to use anymore, (I'm not sure I've kept the
private key secure enough) But I extracted said disused key pair from
archive, and imported it to my new gpg ring so I could issue a
revocation certificate. The GPG docs warn that ANYBODY can publish one
so to treat it carefully. But I didn't find an obvious how-to on
revocation...

> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> Comment: A revocation certificate should follow
> 
> iFMEIBECABMFAkCpMs4MHQBmdXR1cmUgdXNlAAoJEGgBnJz17aybmIMAoJ92y5gT
> KhfuQjcSwukXUlnTh/iyAKCHjYajtRp+R1WEo/TR7UvcW474sQ==
> =2NeG
> -----END PGP PUBLIC KEY BLOCK-----

But when I tried to feed this to the key server.


> Public Key Server -- Add
> 
> Key block in add request contained no new
> keys, userid's, or signatures.
> Your key block contained 1 format errors,
> which were treated as if the erroneous elements
> hadn't been part of your submission.
> The last error was on key 0x00000073:
> Key block corrupt: signature without key

Yet when I selected the:

> Remove a key
> Search String:_F5EDAC9B_______________________[remove the key!]

at the bottom of http://pgpkeys.mit.edu/

What I get is.


> MIT PGP Public Key Server
> Frequently Asked Questions
> Before you send mail with a question, please check that it isn't already
> answered below.
> 
>    1.
>          Can you delete my key from the key server?
> 	       No, we cannot remove your key from the key server. When
> 	       you submit a key to our key server the key is also
> 	       forwarded to other key servers around the world, and they
> 	       in turn forward the key to still other servers. Deleting
> 	       the key from our server would not cause it to be deleted
> 	       from any of the other servers in the world and so this is
> 	       not an effective way to ensure the discontinued use of
> 	       your key. 

That makes sense. And is why I made the revocation certificate in the
first place...

Help?


- -- 
|      ?           ?		
|			
|        -=-   -=-	 I'm NOT clueless...    	
|        <?>   <?>    	But I just don't know.  	
|            ^          Joe (theWordy) Philbrook           
|           ---  	     J(tWdy)P
|			  <jtwdyp at ttlc.net> 
|      ?           ?		


   #####################################################################
   # You can find my public gpg key at http://members.ttlc.net/~jtwdyp #
   #####################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAqmgoRZ/61mwhY94RAhEiAKCJl8D2dVoyPmWbQk/oBuhqgBB08gCfWyc8
6HxAlSHfnSoh6ycPvKMkt94=
=QWSy
-----END PGP SIGNATURE-----





More information about the users mailing list