Delete key from keyserver

B. Kuestner kuestner at macnews.de
Sun Oct 23 21:48:36 CEST 2005



>> Am I missing something?
>>
>
> The web of trust.  (And the documentation, apparently.)
>

Okay. I got that by now. I think the problem was that MacGPG makes it  
really easy to get started with GPG:

There's a plug-in that integrates nicely with Apple's Mail. And the  
Keychain Assistant let's you do all the key creation and uploading  
things easily. That's great. That's a start to get people actually  
using GPG.

But then unlike the command line tools the software does not  
recommend to make a backup copy of your private key. It does not  
recommend to make a hard copy of your key. It does not recommend to  
create a revocation certificate. It also does not explain that  
downloading a public server means that this key can be trusted. That  
of course is a not so good start to get people actually using GPG.

In my case, there was also a bug: When I tried to delete a key I  
didn't want, up came a cryptic error message. So after a while since  
I had just been playing around after all, I thought I just delete my  
keychain and start from scratch. Did that twice actually for the same  
reason. And that's how I lost those private keys.

Anyway, regarding MacGPG, it's a great software even at 0.3.x. I can  
only commend the creators for the effort they have put into it so  
far. Now to prevent that others get bitten like I was I will suggest  
to the authors that they will build recommended practices into the  
software. So after creating a key it could prompt the user to export  
a copy, print a hard copy and create a revocation certificate. The  
deletion error could be fixed, and before deleting a key, the  
software could warn of the implications and advice to create a backup  
copy first somewhere else. Before uploading to a server it could  
explain the implications of that. And before downloading a key it  
could again explain some more of the meaning.


> P.S.:  A slightly less inflammatory tone would not have harmed either.
>

You're absolutely right. It wasn't meant to be inflammatory, nor was  
I in an angry mood or something. I was trying to be straight-forward  
with my reasoning. But after rereading my post when it came back I  
bit my lip and felt offended by my own words. Ouch!

So, please, if somebody took offense at my post, it really was not  
meant like that. My apologies.

Björn







More information about the Gnupg-users mailing list