> > so at Facebook, we checked the public keys that have been uploaded to people's profiles, and notified people whose keys are affected
Jon, FYI your detection logic seems a bit overzealous, because (last time I checked) it detects revoked ROCA-vulnerable subkeys as making the whole public key unacceptable, even if the private key is not affected by ROCA.

According to the responses on this thread https://lists.gnupg.org/pipermail/gnupg-users/2017-October/059417.html ROCA-affected subkeys have no effect on the validity of the private key or other subkeys, so if they're revoked everything should be ok.

Rejecting public keys in this way is problematic for two reasons I can think of:

1. It confuses people because it implies that there's something wrong with your whole key even though the problem is only with a subkey. And it implies that revoking the subkey doesn't solve the problem.

2. It will force people to do extra work to remove their subkeys before exporting their public key for upload to Facebook. This is annoying to do and might lead to people deleting their subkeys from their local keyring permanently, which is probably a bad idea.

I'm not certain, but I think Keybase might be getting this wrong too.

-Shannon
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
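The distinction Shannon draws, between a key that carries a ROCA-fingerprinted component and a key that is actually unusable, can be made concrete in a small per-component checker. The example below is added here; it is not code from Facebook, Keybase, or the GnuPG project. It implements the public ROCA fingerprint test (the modulus' residues modulo a list of small primes must all lie in the subgroup generated by 65537), then applies it to a toy key model in which each component is an RSA modulus (as a Python int) plus a revoked flag. The `PublicKey`/`Subkey` classes, the `ignore_revoked` switch and the sample moduli are constructed for illustration: `ROCA_SHAPED_N` is an integer with the algebraic shape of a ROCA modulus (it is not prime and is not a real key) and `SAFE_N` is a constructed odd number chosen to fail the test. A real deployment would take the moduli and revocation status from a parsed key (pgpdump, PGPy, `gpg --list-packets`), verify that the revocation signature is valid, and skip non-RSA components, none of which this model does.

```python
"""ROCA fingerprint check applied per key component, with revoked subkeys
ignored. Added example; assumes a toy key model, not a real OpenPGP parser."""
from dataclasses import dataclass, field
from functools import reduce
from operator import mul
from typing import List

# Small primes used by the public ROCA fingerprint test (Nemec et al., 2017).
# The affected generator builds primes as k*M + (65537^a mod M) with M the
# product of these primes, so N mod r lies in the subgroup generated by
# 65537 modulo r for every r in the list. A random modulus almost never does.
PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67,
          71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139,
          149, 151, 157, 163, 167]


def generator_residues(r: int) -> set:
    """All values 65537^k mod r (the cyclic subgroup generated by 65537)."""
    residues = set()
    x = 1
    while x not in residues:          # stops when the cycle returns to 1
        residues.add(x)
        x = (x * 65537) % r
    return residues


RESIDUE_SETS = {r: generator_residues(r) for r in PRIMES}


def has_roca_fingerprint(n: int) -> bool:
    """True if n passes the ROCA discriminator for every small prime."""
    return all((n % r) in RESIDUE_SETS[r] for r in PRIMES)


@dataclass
class Subkey:
    keyid: str            # hypothetical label, not a real key ID
    modulus: int
    revoked: bool = False


@dataclass
class PublicKey:
    primary_modulus: int
    subkeys: List[Subkey] = field(default_factory=list)


def affected_components(key: PublicKey, ignore_revoked: bool = True) -> List[str]:
    """Names of components carrying the ROCA fingerprint.

    With ignore_revoked=True a revoked subkey is skipped: it can no longer be
    used, and its weakness says nothing about the primary key or the other
    subkeys. ignore_revoked=False reproduces the overzealous behaviour the
    mail complains about."""
    hits = []
    if has_roca_fingerprint(key.primary_modulus):
        hits.append("primary")
    for sk in key.subkeys:
        if ignore_revoked and sk.revoked:
            continue
        if has_roca_fingerprint(sk.modulus):
            hits.append(sk.keyid)
    return hits


def key_acceptable(key: PublicKey, ignore_revoked: bool = True) -> bool:
    """A key is acceptable when no live component is ROCA-fingerprinted."""
    return not affected_components(key, ignore_revoked)


# Constructed samples (not real keys). ROCA_SHAPED_N is a product of two
# powers of 65537 reduced mod M, so every residue lands in the subgroup;
# SAFE_N is 5 mod 11, and 5 is not a power of 65537 mod 11 (65537 == -1 mod 11).
M = reduce(mul, PRIMES)
ROCA_SHAPED_N = pow(65537, 12345, M) * pow(65537, 6789, M)
SAFE_N = 11 * 2**1022 + 5

# Primary key is fine; one vulnerable subkey has already been revoked.
EXAMPLE_KEY = PublicKey(
    primary_modulus=SAFE_N,
    subkeys=[Subkey("revoked-sub", ROCA_SHAPED_N, revoked=True),
             Subkey("live-sub", SAFE_N)],
)

if __name__ == "__main__":
    print("strict (revoked counted):", affected_components(EXAMPLE_KEY, False))
    print("acceptable, revoked ignored:", key_acceptable(EXAMPLE_KEY))
```

With `ignore_revoked=True` the example key is accepted, which matches the position in the thread that a revoked subkey leaves the rest of the key unaffected; with `ignore_revoked=False` the same key is rejected because of a component nobody can use any more. Whichever policy a site chooses, the user-facing message should name the affected component rather than the whole key.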