-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 20 May 2006, at 02:41, David 'Bombe' Roden wrote: > On Saturday 20 May 2006 10:26, you wrote: > >>> We could (should?) also include a field for the new URI. >> imho we shouldn't : the purpose is just to advertize that the key has >> been blown. > > But we agree on that including a new URI to transparently redirect the > user to instead of simply showing "*meep* you're fucked" does increase > the user experience, don't we? :) No, because if the SSK can no-longer be trusted, then how can you trust the redirect? This revocation mechanism is a last-resort "self destruct" button for a SSK, only to be used in the rare and unlikely event of an SSK compromise. I don't think we need to worry too much about the friendliness of the user experience in this scenario, so long as the user knows that they can no-longer trust the SSK. Ian. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (Darwin) iD8DBQFEb2ZeQtgxRWSmsqwRAq/DAJ9OwKGmFyfgR0r2tU37Si2ppC46CQCeOCaX jbo9ITM90DvonElfTmfrZ0Y= =qUUq -----END PGP SIGNATURE-----
