I think the point DKG was making is that if an attacker has private key material you are lucky if they simply revoke your key, so yeah.
On Fri, May 15, 2015 at 12:16 PM, Paul Winkeler <[email protected]> wrote:
> Isn’t this a means to effect a denial of service attack? End users may be
> “smart” enough to click on the message that allows them to connect anyway,
> but there are many application stacks out there that fall apart once the
> certs that control their encrypted connections are revoked…
>
> On May 15, 2015, at 11:10, Daniel Kahn Gillmor <[email protected]>
> wrote:
>
> If I compromise your secret key, the nicest possible thing I can do with
> it is get it revoked. There is no reason to prevent this action from
> anyone who has access to the secret key.
>
> _______________________________________________
> Acme mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/acme
>

--
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
[email protected]
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
