Full Disclosure mailing list archives
Re: Re: pgp passphrase
From: Valdis.Kletnieks () vt edu
Date: Fri, 26 Mar 2004 18:14:47 -0500
On Fri, 26 Mar 2004 10:24:56 CST, Max Valdez <maxvalde () fis unam mx> said:
That job is easy, the problem is that the revocation would happend really fast, so the key would be valid anymore.
Actually, the problem is that the revocation *won't* happen soon (if at all). First the user has to *realize* there's a problem - this in a world where we're *still* seeing MAGISTR, Klez, Sobig, and BugBear infected e-mail. Then, the user has to get the key revoked. Then finally, for PGP, the people verifying the signature have to go and manually fetch the revoked key and get it on their keyring. For S/MIME-style PKI, you need to be using software that actually checks a CRL (very few things do so by default).
Attachment:
_bin
Description:
Current thread:
- Re: Re: pgp passphrase, (continued)
- Re: Re: pgp passphrase Max Valdez (Mar 22)
- Re: Re: pgp passphrase Paul Schmehl (Mar 22)
- Re: Re: pgp passphrase Denis Dimick (Mar 22)
- Re: Re: pgp passphrase Paul Schmehl (Mar 22)
- Re: Re: pgp passphrase Jim Richardson (Mar 23)
- Re: Re: pgp passphrase Caraciola (Mar 23)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 23)
- Re: Re: pgp passphrase Sam Sharpe (Mar 23)
- Re: Re: pgp passphrase Cedric Blancher (Mar 23)
- Re: Re: pgp passphrase Max Valdez (Mar 26)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 26)
- Re: Re: pgp passphrase Max Valdez (Mar 26)
- Re: Re: pgp passphrase Max Valdez (Mar 22)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 22)
- Re: Re: pgp passphrase Nico Golde (Mar 22)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 22)
- Re: Re: pgp passphrase Michael Cecil (Mar 22)
- Re: Re: pgp passphrase Valdis . Kletnieks (Mar 22)
- RE: NEVER open attachments Jeremiah Cornelius (Mar 19)
- RE: PGP attachments (was: NEVER open attachments) Frank Knobbe (Mar 19)
- Re: PGP attachments (was: NEVER open attachments) petard (Mar 19)