John W. Moore III wrote the following on 4/17/07 3:51 PM:
[...]

> 
> If You are unable to Revoke the former Key then by all means; Generate a
> New Key (and create a standby Revoke cert) and Publish this Key *AND*
> notify every critical correspondent of the new Key!  Still, those folks
> who Search for your Key via Email Address may send You encrypted Email
> using the Former/Compromised Key. (Shake Head sadly and mutter, "Ah Shit")
> 
> I suggest You Move On (sadder but wiser) and accept that You have
> made a common misstep on the path to Secure Communication.

If I may add one piece of "cobbler's approach" to the perfectly correct
advice given by John.

There is a most inelegant way to warn the folks worldwide that your
previous key is unusable: when you generate your new key, and get to the
"Comment" phase, you might insert something like "Key ID 0x5E6CBE2D
unusable", if 0x5E6CBE2D is the key whose passphrase you have lost.
Like I said, the cobbler's approach.

Charly

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
