On 03/05/2012 12:12 PM, auto15963...@hushmail.com wrote: > I am 99.9% sure no one has gotten access to my machine or my keys. > If they had, I have to believe that there would have been more > damage done than this, and that does not appear to have happened. I > mention the details, which may seem irrelevant, only because > sometimes the devil is in the details. This event has in fact > occurred, and I need to figure out how to explain it and prevent > it.
Without pointing to the key in question and the associated revocation certificate, there isn't much that folks on this list can do to help you. Can you post a link to the key, or attach it to e-mail here? or publish it to the public keyservers, and refer to it by keyID? If you aren't willing to share the key publicly for other folks to take a look at, you might want to review the revocation certificate to be learn a few things: * what key issued the revocation certificate? * when was the revocation issued (according to its internal timestamp)? * what cryptographic algorithms were used by the revocation certificate? * were the cryptographic bits correct? * what was the encoded reason for revocation? You might find some clues to the above by exporting the key from your public keyring and piping it to gpg --list-packets: gpg --export $keyid | gpg --list-packets FWIW, if someone did compromise your secret key material, creating a revocation certificate for your key is possibly the nicest thing they could do with it. --dkg _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users