[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Revoking Old Lost Keys



On Sat, 6 Jan 1996 03:10:49 +0000, "Michael C. Peponis"
<[email protected]> wrote:


>If it's widley distributed, or on a keyserver, that becomes hard.  
>First you would have to be authenticated as the origional key owner, 
>ie how do I realy know that you are you, and not somebody saying you 
>are the orgional key owner?

[..]
>Good topic. 

Interesting, yes.  Also a possible attack...

Alice sends a PGP'd message to Charlie, but gets a reply from
"Charlie" saying that they original key was lost due to a hard drive
crash, etc.... and that she should coinsider it revoked.

Is that message from Charlie or from Mallet (the demonic SysAdmin),
who is trying to get in between Alice and Charlie...?