Re: Migrating to GPG - A mini-HOWTO
On 14 Sep 1999, Ben Pfaff wrote:
> Michael Stone <email@example.com> writes:
> On Tue, Sep 14, 1999 at 03:38:34PM +0200, Marco d'Itri wrote:
> > I signed my DSS key with the old RSA key and then asked people who
> > signed the old key to sign the new one with their DSS key.
> > This is easy and secure.
> Again, no it isn't. How do they know that someone didn't steal your pgp
> How is this different from the question ``How does dinstall (or other
> person/program) know someone hasn't stolen [developer]'s PGP key?''
Because you can revoke the old key and have all of it's signatures become
invalid. But, you cannot revoke this 'new' key that was created and passed
around as real using your compromised old key. It now has real signatures
that say 'I know for certain that this key belongs to this person'.
With dinstall a compromise is short lived and can be undone by erasing the
effected package. Creating a new key and getting people to sign it cannot
really be undone.