[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject



X-PGP Key ID: 4AAF00E5
X-PGP Fprint: 30D81F3484E6A83F 6EC8D7F0CAB3D265
Date: Tue, 13 Dec 1994 21:08:38 -0800
To: [email protected]
From: [email protected] (Dave Del Torto)
Subject: KEYSRVR: remove w/o revoke?

-----BEGIN PGP SIGNED MESSAGE-----

A Keyserver Dilemma:

Through the good graces of one Craig Steinberger, I discovered that the
keyserver Michael Graff runs at Iowa State has an old, defunct key for me.
Naturally, I've tried to update it, but am not sure if I was successful
yet, but here's my question: Is there a mechanism for deleting your own key
from a keyserver's ring without revoking it? I think not, on the surface of
it, it goes against general key hygiene procedures. History: I sent that
512 key to two people almost two years ago as a test and never used it
since. Apparently it got put on someone's keyring and transferred to Iowa
at some point. (Note: _I_ never added it to any keyserver, so there's a
problem with posting other people's keys and not telling them that also
needs addressing here.) Now, since I never expected to use that key again,
I deleted the secret half of the pair, and hence am unable to revoke it.
Asking Michael nicely to remove it from Iowa (which requires a certain
measure of trust most keyserver-owners might not extend under normal
conditions) is fine. But what about all the other keyservers that propagate
the bogus key all over (and back to Iowa)? How can one deal with that
problem?

Key management is one of my _least_ favorite aspects of PGP. grrrrr...

BTW, my (good) key is available at:

   ftp.netcom.com:/pub/dd/ddt/crypto/ddt-PGP-key.txt

My apologies to anyone who hasn't been able to verify my signatures because
of the bogus key.

   dave
_____________________________________________________________
 "To solve a maze, start at the cheese and mouse backwards."




-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLu5noaHBOF9KrwDlAQHHogP/ds8Nr2nlnR6mRZbul24Kk07FvBrNCqrb
TY70MN9aEsKLoALXpdvC4ZIc2npwk3HWK/UN7mayqZsVWwOpJf/NZwATcYHrlGxT
5sHsAhGAzb7TlpByEUJ+He65e7a8doyqffHuUeNdokM5YFkxQi/LRfPVkIDi3cGG
jq6NJR20SKs=
=+Zfi
-----END PGP SIGNATURE-----