Problem removing a public key whose private key is gone

David Shaw dshaw at jabberwocky.com
Mon Mar 13 14:52:21 CET 2006


On Mon, Mar 13, 2006 at 07:58:20AM -0500, Atom Smasher wrote:
> On Mon, 13 Mar 2006, Neil Williams wrote:
> 
> >Werner et al. :
> >Maybe it's time that --send-key checks if the key to be sent has a 
> >secret key in the secret keyring and if it does, prompts the user about 
> >a revocation certificate BEFORE allowing the key to be sent?
> ==================
> 
> how many noobs upload new keys on the command-line? how many use "-a 
> --export" and then copy-n-paste into a web interface?
> 
> if more noobs opt for the former, your idea would spare the world of some 
> useless keys. i suspect that more noobs opt for the latter, in which case 
> the idea wouldn't help much.
> 
> maybe there needs to be a sandbox keyserver where users can upload keys 
> for practice, but it purges itself of keys >1 year old and doesn't sync 
> with "real" keyservers. if such a keyserver existed, it should probably be 
> the default keyserver in the preferences.

Cough, cough.  ldap://keyserver.pgp.com

It purges keys that aren't confirmed via email and doesn't sync with
any other keyserver.

Still, even with a keyserver that doesn't sync, that doesn't stop
other people from (accidentally or otherwise) downloading a key from
ldap://keyserver.pgp.com and distributing it via other means.

David



More information about the Gnupg-users mailing list