Re: Revoking a Lost Key
I can't even remember what program I used to create them. I think it was when Symantec first started with the PGP program and was beta testing it. Anything that the keys encrypted is long gone anyway so not a huge loss. I just would have "properly dealt" with them if possible. I didn't think so, but figured I'd just in case. I remember the old FidoNet days. I was involved with QWK mail reader way back then. On 2/6/2020 9:50 AM, Shawn K. Quinn via Gnupg-users wrote: > On 2/6/20 09:41, Mark wrote: >> These were keys created in the 90s on probably 3 computers ago. I looked >> through some old CDs that I had laying around but they didn't have the >> saved keys. I don't use these keys anymore and having in over a decade. >> In fact the email address and even the entire ISP are long gone now. I >> was just thinking if I could revoke them I would but it doesn't look >> like that is possible. > If the email address is dead, I wouldn't worry about that. I have old > keys out there with FidoNet addresses on them, as well as > cypherpunk-style remailer keys I forgot to revoke before shutting down > the remailer and wiping the system. Stuff happens. > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
On 2/6/20 09:41, Mark wrote: > These were keys created in the 90s on probably 3 computers ago. I looked > through some old CDs that I had laying around but they didn't have the > saved keys. I don't use these keys anymore and having in over a decade. > In fact the email address and even the entire ISP are long gone now. I > was just thinking if I could revoke them I would but it doesn't look > like that is possible. If the email address is dead, I wouldn't worry about that. I have old keys out there with FidoNet addresses on them, as well as cypherpunk-style remailer keys I forgot to revoke before shutting down the remailer and wiping the system. Stuff happens. -- Shawn K. Quinn http://www.rantroulette.com http://www.skqrecordquest.com ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
These were keys created in the 90s on probably 3 computers ago. I looked through some old CDs that I had laying around but they didn't have the saved keys. I don't use these keys anymore and having in over a decade. In fact the email address and even the entire ISP are long gone now. I was just thinking if I could revoke them I would but it doesn't look like that is possible. On 2/5/2020 4:38 PM, Ralph Seichter via Gnupg-users wrote: > * Mark: > >> Is there anyway to revoke an OLD LOST PGP key? I no longer have either >> the public or private keys but can find the KeyID. > As you guessed, it is not possible, because you require the private key > in order to create a revocation. That's why it is recommended to create > revocations (and storing them safely and separately) right after > creating new keys, just for the case you describe, i.e. not having > access to the original key material later on. > > -Ralph > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
I figured it was not possible but just wanted to double check. It is an OLD key from the 90s attached to an email address for a ISP that no longer exists so it's not really used. IF it was possible I would revoke it but since it is not, it will just live out there forever. On 2/5/2020 4:37 PM, Damien Goutte-Gattat wrote: > On Wed, Feb 05, 2020 at 03:59:01PM -0700, Mark wrote: >> Is there anyway to revoke an OLD LOST PGP key? I no longer have either >> the public or private keys but can find the KeyID. I'm guessing not but >> figured I'd ask just in case. > > The revocation certificate needs to be signed by the private key, so > without the private key it is indeed not possible. > > It is possible to ask a third party to revoke your key in your stead, > but only if you have previously made said third party a "designated > revoker" (something that needs to be done in advance, when you still > have the private key). > > Since you cannot revoke, the only thing you may try is asking some of > the people who certified your lost key (if any) to revoke their > certification of your key. > > Cheers, > > - Damien ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
I know there was is a HUGE downside to be able to do that guessed that is why it is not possible. On 2/5/2020 4:07 PM, Chris DeYoung wrote: > I wouldn't think you would want to be able to do that. If it can be > done without the private key, then I can revoke your key for you... :-) > > -C > > On 2/5/2020 3:59 PM, Mark wrote: >> Is there anyway to revoke an OLD LOST PGP key? I no longer have either >> the public or private keys but can find the KeyID. I'm guessing not but >> figured I'd ask just in case. >> >> Thanks >> >> >> ___ >> Gnupg-users mailing list >> Gnupg-users@gnupg.org >> http://lists.gnupg.org/mailman/listinfo/gnupg-users >> > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
I wouldn't think you would want to be able to do that. If it can be done without the private key, then I can revoke your key for you... :-) -C On 2/5/2020 3:59 PM, Mark wrote: Is there anyway to revoke an OLD LOST PGP key? I no longer have either the public or private keys but can find the KeyID. I'm guessing not but figured I'd ask just in case. Thanks ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
* Mark: > Is there anyway to revoke an OLD LOST PGP key? I no longer have either > the public or private keys but can find the KeyID. As you guessed, it is not possible, because you require the private key in order to create a revocation. That's why it is recommended to create revocations (and storing them safely and separately) right after creating new keys, just for the case you describe, i.e. not having access to the original key material later on. -Ralph ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoking a Lost Key
On Wed, Feb 05, 2020 at 03:59:01PM -0700, Mark wrote: Is there anyway to revoke an OLD LOST PGP key? I no longer have either the public or private keys but can find the KeyID. I'm guessing not but figured I'd ask just in case. The revocation certificate needs to be signed by the private key, so without the private key it is indeed not possible. It is possible to ask a third party to revoke your key in your stead, but only if you have previously made said third party a "designated revoker" (something that needs to be done in advance, when you still have the private key). Since you cannot revoke, the only thing you may try is asking some of the people who certified your lost key (if any) to revoke their certification of your key. Cheers, - Damien signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Revoking a Lost Key
Is there anyway to revoke an OLD LOST PGP key? I no longer have either the public or private keys but can find the KeyID. I'm guessing not but figured I'd ask just in case. Thanks ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users