Re: Migrating to GPG - A mini-HOWTO

To: joey@infodrom.north.de
Cc: debian-devel@lists.debian.org
Subject: Re: Migrating to GPG - A mini-HOWTO
From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
Date: Wed, 15 Sep 1999 00:47:12 +0100 (BST)
Message-id: <[🔎] E11R2I4-0006tF-00@polya>
In-reply-to: <[🔎] 19990915000630.C3397@finlandia.infodrom.north.de> from Martin Schulze at "Sep 15, 1999 0: 6:30 am"

> > >    Again, no it isn't. How do they know that someone didn't
> > >    steal your pgp key?
> > > 
> > > How is this different from the question ``How does dinstall (or other
> > > person/program) know someone hasn't stolen [developer]'s PGP key?''
> > 
> > Because I can issue a key revocation if a key that I own is compromised.
> 
> Why can you issue this revocation to the keyring for dinstall but not
> for the people who have signed your key?

But what if the person who *stole* my PGP key sent around the new
OpenPGP key for signature?  I can't revoke it, as I don't have the
secret key, and there is now a key going around which looks like it's
mine and there's nothing I can do about it.

   Julian

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

  Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
        Debian GNU/Linux Developer,  see http://www.debian.org/~jdg

Reply to:

References:
- Re: Migrating to GPG - A mini-HOWTO
  - From: Martin Schulze <joey@finlandia.Infodrom.North.DE>

Prev by Date: Re: Migrating to GPG - A mini-HOWTO
Next by Date: Re: NOT done!
Previous by thread: Re: Migrating to GPG - A mini-HOWTO
Next by thread: Re: Migrating to GPG - A mini-HOWTO
Index(es):
- Date
- Thread