Smartcard Support, open system security, law,( certificate sig removed)
Neil Williams
linux@codehelp.co.uk
Mon Aug 25 19:06:01 2003
--Boundary-02=_4KkS/Fkuz1deYkk
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline
On Monday 25 Aug 2003 12:48 am, Mark Kirchner wrote:
> Hi,
> The revocation certificate is created using your own, private key (the
> same one that is / will be stored on your card). It definitely needs
> to be protected and safely stored, because everybody who's got it can
> revoke your public key.
> But in no case a central issuer is required.
It can be REALLY small too - as short as an email signature. It can be prin=
ted=20
out, kept safe (even in a safe deposit box if you want to) and just typed i=
n=20
if you eventually need it. Just a line or two of various characters. Save a=
s=20
a file and import alongside your public key (from a keyserver) using any co=
py=20
of GnuPG - yours or someone else's if your system becomes compromised at th=
e=20
same time as the key.
=2D-=20
Neil Williams
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
http://www.codehelp.co.uk
http://www.dclug.org.uk
http://www.biglumber.com/x/web?qs=3D0x8801094A28BCB3E3
--Boundary-02=_4KkS/Fkuz1deYkk
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/SkK4iAEJSii8s+MRAg7BAKD1AUJZBwlXovxcjgctAzxrvfx7HwCfc33g
z9zAJRr6TPHFgS3sNNVzvG4=
=aA12
-----END PGP SIGNATURE-----
--Boundary-02=_4KkS/Fkuz1deYkk--