* David 'Bombe' Roden <droden at gmail.com> [2006-05-20 11:41:07]:

> On Saturday 20 May 2006 10:26, you wrote:
>
> > > We could (should?) also include a field for the new URI.
> > imho we shouldn't : the purpose is just to advertize that the key has
> > been blown.
>
> But we agree on that including a new URI to transparently redirect the
> user to instead of simply showing "*meep* you're fucked" does increase
> the user experience, don't we? :)

That's not the problem. Imho we shouldn't allow those SSKs to be redirects. We can possibly in the revocation message leave a pointer to where to find the new key.

Why don't I want to allow new keys to be stored into revocation keys? Because I do trust people I'll give the revocation key enough for revoking my key, but not enough to give them the private key. So I don't want to allow them to regen&distribute a new key ;) otherwise those revocation keys are pointless.

NextGen$
