On 06/07/14 16:25, Johan Wevers wrote: > I don't see the relation between these two.
I agree. This conversation is still a mystery to me. "The Fuzzy Whirlpool Thunderstorm", it seems to me you advocate revoking an encryption key, or letting it expire, when you suspect the key could be cracked by an adversary. This does not help at all for anything already encrypted to that key, it only prevents people (who have fetched the revocation) to encrypt any new data to that key. Any old data can still be decrypted by your adversary, who has computed your private key. The method works reasonably well for signature keys, apart from the fact that your adversary can still fake a signature in the past, when your signature key was still valid. Also, your correspondents still need to fetch the revocation before they realise new signatures are invalid. Could you explain what you mean? I'm really getting the impression we're talking about cracking an encryption key, and I don't see how revoking such a key would help significantly for that. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users