On 3/17/22 08:17, Arthur Chance wrote:
Is it possible to invalidate an existing tarsnap key so it cannot be used in future. I have a key for a decommissioned machine so it's no longer needed and hypothetically it could be used for DoS attack (by creating bogus archives and draining the account funds). Obviously this is impossible unless the key leaks somehow, but operational paranoia would suggest invalidating it would be a good idea.
The API for disabling keys is "send Colin an email". ;-) At some point in the indefinite future it should be possible to do this via the Tarsnap website. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
