invalid gpg key revocation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Mar 5 19:12:06 CET 2012
On 03/05/2012 12:12 PM, auto15963931 at hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
> If they had, I have to believe that there would have been more
> damage done than this, and that does not appear to have happened. I
> mention the details, which may seem irrelevant, only because
> sometimes the devil is in the details. This event has in fact
> occurred, and I need to figure out how to explain it and prevent
> it.
Without pointing to the key in question and the associated revocation
certificate, there isn't much that folks on this list can do to help
you. Can you post a link to the key, or attach it to e-mail here? or
publish it to the public keyservers, and refer to it by keyID?
If you aren't willing to share the key publicly for other folks to take
a look at, you might want to review the revocation certificate to be
learn a few things:
* what key issued the revocation certificate?
* when was the revocation issued (according to its internal timestamp)?
* what cryptographic algorithms were used by the revocation
certificate?
* were the cryptographic bits correct?
* what was the encoded reason for revocation?
You might find some clues to the above by exporting the key from your
public keyring and piping it to gpg --list-packets:
gpg --export $keyid | gpg --list-packets
FWIW, if someone did compromise your secret key material, creating a
revocation certificate for your key is possibly the nicest thing they
could do with it.
--dkg
More information about the Gnupg-users
mailing list