Delete key from keyserver
B. Kuestner
kuestner at macnews.de
Sun Oct 23 21:48:36 CEST 2005
>> Am I missing something?
>>
>
> The web of trust. (And the documentation, apparently.)
>
Okay. I got that by now. I think the problem was that MacGPG makes it
really easy to get started with GPG:
There's a plug-in that integrates nicely with Apple's Mail. And the
Keychain Assistant let's you do all the key creation and uploading
things easily. That's great. That's a start to get people actually
using GPG.
But then unlike the command line tools the software does not
recommend to make a backup copy of your private key. It does not
recommend to make a hard copy of your key. It does not recommend to
create a revocation certificate. It also does not explain that
downloading a public server means that this key can be trusted. That
of course is a not so good start to get people actually using GPG.
In my case, there was also a bug: When I tried to delete a key I
didn't want, up came a cryptic error message. So after a while since
I had just been playing around after all, I thought I just delete my
keychain and start from scratch. Did that twice actually for the same
reason. And that's how I lost those private keys.
Anyway, regarding MacGPG, it's a great software even at 0.3.x. I can
only commend the creators for the effort they have put into it so
far. Now to prevent that others get bitten like I was I will suggest
to the authors that they will build recommended practices into the
software. So after creating a key it could prompt the user to export
a copy, print a hard copy and create a revocation certificate. The
deletion error could be fixed, and before deleting a key, the
software could warn of the implications and advice to create a backup
copy first somewhere else. Before uploading to a server it could
explain the implications of that. And before downloading a key it
could again explain some more of the meaning.
> P.S.: A slightly less inflammatory tone would not have harmed either.
>
You're absolutely right. It wasn't meant to be inflammatory, nor was
I in an angry mood or something. I was trying to be straight-forward
with my reasoning. But after rereading my post when it came back I
bit my lip and felt offended by my own words. Ouch!
So, please, if somebody took offense at my post, it really was not
meant like that. My apologies.
Björn
More information about the Gnupg-users
mailing list