Am I missing something?


The web of trust.  (And the documentation, apparently.)


Okay. I got that by now. I think the problem was that MacGPG makes it really easy to get started with GPG:

There's a plug-in that integrates nicely with Apple's Mail. And the Keychain Assistant lets you do all the key creation and uploading things easily. That's great. That's a start to get people actually using GPG.

But then, unlike the command line tools, the software does not recommend making a backup copy of your private key. It does not recommend making a hard copy of your key. It does not recommend creating a revocation certificate. It also does not explain that downloading a public server means that this key can be trusted. That of course is a not-so-good start to get people actually using GPG.

In my case, there was also a bug: When I tried to delete a key I didn't want, up came a cryptic error message. So after a while, since I had just been playing around after all, I thought I'd just delete my keychain and start from scratch. Did that twice, actually, for the same reason. And that's how I lost those private keys.

Anyway, regarding MacGPG, it's great software even at 0.3.x. I can only commend the creators for the effort they have put into it so far. Now, to prevent others from getting bitten like I was, I will suggest to the authors that they build recommended practices into the software. So after creating a key it could prompt the user to export a copy, print a hard copy and create a revocation certificate. The deletion error could be fixed, and before deleting a key, the software could warn of the implications and advise creating a backup copy somewhere else first. Before uploading to a server it could explain the implications of that. And before downloading a key it could again explain some more of the meaning.


P.S.:  A slightly less inflammatory tone would not have harmed either.


You're absolutely right. It wasn't meant to be inflammatory, nor was I in an angry mood or something. I was trying to be straightforward with my reasoning. But after rereading my post when it came back, I bit my lip and felt offended by my own words. Ouch!

So, please, if somebody took offense at my post, it really was not meant like that. My apologies.

Björn





_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
