On 03/05/2012 12:12 PM, auto15963...@hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
> If they had, I have to believe that there would have been more
> damage done than this, and that does not appear to have happened. I
> mention the details, which may seem irrelevant, only because
> sometimes the devil is in the details. This event has in fact
> occurred, and I need to figure out how to explain it and prevent
> it.
Without pointing to the key in question and the associated revocation
certificate, there isn't much that folks on this list can do to help
you. Can you post a link to the key, or attach it to e-mail here? or
publish it to the public keyservers, and refer to it by keyID?
If you aren't willing to share the key publicly for other folks to take
a look at, you might want to review the revocation certificate to be
learn a few things:
* what key issued the revocation certificate?
* when was the revocation issued (according to its internal timestamp)?
* what cryptographic algorithms were used by the revocation
certificate?
* were the cryptographic bits correct?
* what was the encoded reason for revocation?
You might find some clues to the above by exporting the key from your
public keyring and piping it to gpg --list-packets:
gpg --export $keyid | gpg --list-packets
FWIW, if someone did compromise your secret key material, creating a
revocation certificate for your key is possibly the nicest thing they
could do with it.
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
