Subject: Re: Beer...and keys.
To: Miles Nordin <carton@Ivy.NET>
From: Curt Sampson <cjs@cynic.net>
List: regional-nyc
Date: 12/18/2003 12:45:48
On Wed, 17 Dec 2003, Miles Nordin wrote:

> No, you can.  Just use the revocation certificate that you created at
> the same time you generated your key.

I don't quite understand this. If you lose your laptop, you presumably
lose your revocation certificate as well. If you've backed up your
revocation certificate somewhere safe, what's to stop you from backing
up your key there as well? If it's not safe enough to back up your key,
what's to stop an attacker from revoking your key and committing a
denial of service attack?

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974   http://www.NetBSD.org
    Don't you know, in this new Dark Age, we're all light.  --XTC