Subject: Re: Beer...and keys.
To: Curt Sampson <email@example.com>
From: Andrew Brown <At.Brown@morganstanley.com>
Date: 12/18/2003 00:02:39
> > No, you can. Just use the revocation certificate that you created at
> > the same time you generated your key.
> I don't quite understand this. If you lose your laptop, you presumably
> lose your revocation certificate as well. If you've backed up your
> revocation certificate somewhere safe, what's to stop you from backing
> up your key there as well? If it's not safe enough to back up your key,
> what's to stop an attacker from revoking your key and committing a
> denial of service attack?
i think the point here is that you may choose between:
(1) shooting yourself in the left foot
(2) shooting yourself in the right foot
(3) forgetting to load your gun
(4) dropping your gun
(5) giving your gun to someone else who may choose to shoot you
(6) playing checkers
it's all in the cards.
NOTICE: If received in error, please destroy and notify sender. Sender
does not waive confidentiality or privilege, and use is prohibited.