On Mon, 2008-10-20 at 10:57 +0200, Markus Wanner wrote: > Hi, > > Robert White wrote: > > Try things like wanting to be able to revoke/destroy one key when the > > contract is over etc. > > I fail to see how that's even possible in a distributed environment. The > only thing one single party can do is distrust a key. There's no way to > make sure the other party "destroys" its key - and won't have a backup > somewhere.
It's entirely possible to destroy the private half, since only one person should ever have that. And being sure in this case sounds more like a matter of contracts rather than technology. Something can be useful even when technology can't guarantee it. (This also actually sounds *almost* reasonable -- very slightly less risk of someone stealing the contractor's computer (and private keys) and signing garbage that they can try to sneak into your source repositories.) _______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel