Subject: Re: Beer...and keys.
To: Curt Sampson <cjs@cynic.net>
From: Jim Wise <jwise@draga.com>
List: regional-nyc
Date: 12/18/2003 12:30:07
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 19 Dec 2003, Curt Sampson wrote:

>On Thu, 18 Dec 2003, Jim Wise wrote:
>
>> If someone has your private key (from stealing your laptop) you
>> *certainly* want to issue a revocation, even if you have a backup of the
>> key as well as the revocation....
>
>Certainly. But in that case you can issue a revocation without having
>previously created a revocation certificate.

This is definitely true -- but as others have pointed out, while the
revocation can be placed on relatively insecure media (a USB keychain in
your home file cabinet, your home directory on another system, given to
a friend), the key should not be.

- -- 
				Jim Wise
				jwise@draga.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQE/4eQmRxzMSZ/9vAMRAug1AJ9s6TAwJNdFozDSzb3LJ3PERa0NjACgqeJu
r0Wxm/UmSN9VqfYK/1y7pIU=
=6dFD
-----END PGP SIGNATURE-----