On Sat, May 20, 2006 at 10:37:56AM +0000, NextGen$ wrote: > * David 'Bombe' Roden <[EMAIL PROTECTED]> [2006-05-20 12:18:40]: > > > On Saturday 20 May 2006 12:03, you wrote: > > > > > Why don't I want to allow new keys to be stored into revocation keys > > > ? Because I do trust people I'll give the revocation key enough for > > > revoking my key, but not enough to give them the private key. So I > > > don't want to allow them to regen&distribute a new key ;) > > > > With the simple system there is no special revocation key, or did I > > misunderstand something? > > just like USKs are ;) > > > If SRK is just a wrapper around SSK the > > revocation key would be the same as your SSK private key, wouldn't it? > > no, it wouldn't : it would be a different key. that's the purpose.
No, it would have to be the same. Otherwise it ceases to be simple, because it requires metadata changes. I'm inclined to just implement the proper way anyway, it's not THAT much work. > > > > > > NextGen$ > > > > David -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
