Yes, it's purely an advisory. It's designed to deal with key compromize. It's explicitly not a deletion mechanism.
On Sat, May 20, 2006 at 12:10:22PM +1200, David McNab wrote: > Matthew Toseland wrote: > > I propose: > > - We implement a Simple Revocable Key wrapper. This is simply a USK, > > with the prefix being SRK instead of USK, and where we check for > > SSK@<pubkey>/revoked. If this exists we return a permanent redirect to > > it, instead of the data to be returned otherwise. > > What FCP support do you plan for this? Maybe something like: > > ClientRevoke > Identifier=yada yada > URI=SRK at blahblah > EndMessage > > ... > > RevokeSuccessful > Identifier=yada yada > URI=SRK at blahblah > EndMessage > > Also, what if someone replaces 'SRK@' with 'SSK@' in the URI to bypass > the revocation? Are you planning to protect against this in the node? > > If the node doesn't know to follow the redirect when 'SSK@' is used, > then the revocation becomes just an advisory from the author to the > reader. Is this actually the intent? > > -- > Kind regards > David > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20060520/50bfcaef/attachment.pgp>
