Re: Big problem - GnuPG key deleted
On Tuesday, Jul 15, 2003, at 09:41 US/Eastern, Steve Langasek wrote:
> A keyholder who makes signing decisions based on what *other* people
> have signed adds nothing of value to the web of trust -- and can do a
> lot of damage by distorting trust metrics.
Agreed. Good thing we're not talking of signing.
> If your new key is trusted, why is it important to get me to revoke my
> signature on the old key? If it's important, why should I agree to
> revoke the signature without first-hand evidence of your identity?
Let's say that you've signed my key. My computer is stolen, and along
with it my private key. Unfortunately, the media containing revocation
certificates was stolen/developed bad sectors/burnt in a fire/etc. So,
I can't properly revoke the key. Now, we've got a problem: There is a
compromised, trusted key in the web of trust. Somehow that needs to be
dealt with.
I hope that if I were to meet with you again, putting forth the same
evidence as when you signed my key, you'd happily revoke your
signature. But what if we're halfway across the world from each other;
if we just met and signed keys at a Debconf, for example? Somehow, I
think, there needs to be a way to remove that key from the web of
trust. If a bunch of people who you trust tell you that my key has been
compromised, would you believe them? If so, why wouldn't you revoke the
signature?
Revoking a signature doesn't mean you're sure that the new key is mine.
It doesn't mean that you're sure the old key isn't mine. It just means
you're no longer confident the old key is mine.
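The scenario argued above (a compromised key whose owner can no longer revoke it, and signers withdrawing their own certifications instead) can be modelled with GnuPG's classic trust computation. The following is an added example, not code from the thread or from GnuPG: it implements the classic-model rule that a key is fully valid when it carries at least one certification from a fully trusted signer or three from marginally trusted signers (GnuPG's default completes-needed=1, marginals-needed=3), restricted to a single hop, and shows that revoking a third party's certification lowers the compromised key's validity without any revocation certificate from the keyholder. The key names, owner-trust assignments and toy web of trust are constructed for the example.

```python
# Added example, not part of the original mailing-list thread. Models the
# GnuPG classic trust model for a single hop: validity of a target key is
# computed from the owner-trust the *local* user assigned to each signer.
# All key names and trust assignments below are constructed.
from dataclasses import dataclass, field

# GnuPG defaults for the classic trust model.
COMPLETES_NEEDED = 1   # one fully trusted signer is enough
MARGINALS_NEEDED = 3   # or three marginally trusted signers


@dataclass
class WebOfTrust:
    # signer -> "full" | "marginal" | "none" (owner-trust set by the local user)
    ownertrust: dict = field(default_factory=dict)
    # target key -> set of signers who certified it
    certs: dict = field(default_factory=dict)
    # (signer, target) pairs whose certification the signer has revoked
    revoked: set = field(default_factory=set)

    def certify(self, signer, target):
        """Signer adds a certification (key signature) on target."""
        self.certs.setdefault(target, set()).add(signer)

    def revoke_certification(self, signer, target):
        """Signer withdraws their own certification on target, the
        equivalent of 'revsig' in gpg --edit-key. This needs nothing
        from the target key's owner, so it still works when the owner's
        private key and revocation certificate are both gone."""
        self.revoked.add((signer, target))

    def validity(self, target):
        """Return 'full', 'marginal' or 'unknown' validity of target."""
        full = marginal = 0
        for signer in self.certs.get(target, set()):
            if (signer, target) in self.revoked:
                continue   # revoked certifications carry no weight
            trust = self.ownertrust.get(signer, "none")
            if trust == "full":
                full += 1
            elif trust == "marginal":
                marginal += 1
        if full >= COMPLETES_NEEDED or marginal >= MARGINALS_NEEDED:
            return "full"
        if full or marginal:
            return "marginal"
        return "unknown"


def stolen_key_scenario():
    """The situation from the thread: the old key was certified by a fully
    trusted signer (steve) and a marginally trusted one (alice); the owner
    cannot revoke it. Returns validity before and after steve revokes."""
    wot = WebOfTrust(ownertrust={"steve": "full", "alice": "marginal"})
    wot.certify("steve", "victim-old-key")
    wot.certify("alice", "victim-old-key")
    before = wot.validity("victim-old-key")   # "full"
    wot.revoke_certification("steve", "victim-old-key")
    after = wot.validity("victim-old-key")    # "marginal"
    return before, after


if __name__ == "__main__":
    print("validity before/after revsig:", stolen_key_scenario())
```

The model makes the author's last point concrete: revoking a certification changes only how much weight the local user's trust computation gives the old key; it asserts nothing about which key, old or new, actually belongs to the person. Only when every remaining certification is withdrawn does the key fall back to unknown validity.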