On Wednesday 12 May 2010 02:49:43 Grant Olson wrote: > I think the semantics and correct behavior become unclear when one of > the keys is revoked. > > - Alice has two encryption keys. > > - Bob sends to both keys. > > - Alice revokes one key. > > - Bob doesn't refresh his keys. Continues sending to both keys. > > - The unrevoked key decrypts things just fine.
Currently if someone captures the last key and Bobs never refreshes his keyring he will always continue to send to the last key since he doesn't know it's been revoked and a new last key has been added. The attacker could still read Bobs messages. > > If Alice has one key and revokes it, she'll get a warning that Bob is > still sending to the revoked key, and can take corrective action. New behavior encrypt-to-all-not-revoked-encryption-subkeys: Alice gets a warning because Bobs encrypts to both subkeys but one has been revoked at Alice. Alice could still inform Bob to refresh his keyring. Gnupg states that a message is encrypted to multiple keys.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
