deleting keys from keyserver w/o private key - PGP

This is a discussion on deleting keys from keyserver w/o private key - PGP ; I'm a noob and in learning how to use PGP i created and uploaded several keys to the keyserver. i then deleted the keys locally, but they are still on the server. i then learn that i should've revoked the ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: deleting keys from keyserver w/o private key

  1. deleting keys from keyserver w/o private key

    I'm a noob and in learning how to use PGP i created and uploaded
    several keys to the keyserver. i then deleted the keys locally, but
    they are still on the server. i then learn that i should've revoked
    the keys, then uploaded them, to get them off the server. now is
    there any way to get the keys off the server, since i don't have the
    private key locally, i foolishly deleted them.

    thanks
    sydemon

  2. Re: deleting keys from keyserver w/o private key

    On 10 Sep 2003 10:34:53 -0700, sydemon wrote:

    > I'm a noob and in learning how to use PGP i created and uploaded
    > several keys to the keyserver. i then deleted the keys locally, but
    > they are still on the server. i then learn that i should've revoked
    > the keys, then uploaded them, to get them off the server. now is
    > there any way to get the keys off the server, since i don't have the
    > private key locally, i foolishly deleted them.


    No.

    Even if you still had the keys, you cannot delete them from the
    keyservers. Some of the servers will allow deletion, but should
    get the keys back again, when they sync with other servers.

    For future reference, when you create a key, you should also
    generate a revocation certificate, that you store in a safe
    place, so you can send it to the key servers if/when necessary.

    One thing you can do now, is generate a new key, and add a userid
    such as "do not use keyid 0x?????. Private key destroyed",
    so anyone searching the keyserver using your name will hopefully
    see it, and choose the newer key.

    Regards, Dave Hodgins

  3. Re: deleting keys from keyserver w/o private key

    "David W. Hodgins" wrote in message news:...
    > On 10 Sep 2003 10:34:53 -0700, sydemon wrote:
    >
    > > I'm a noob and in learning how to use PGP i created and uploaded
    > > several keys to the keyserver. i then deleted the keys locally, but
    > > they are still on the server. i then learn that i should've revoked
    > > the keys, then uploaded them, to get them off the server. now is
    > > there any way to get the keys off the server, since i don't have the
    > > private key locally, i foolishly deleted them.

    >
    > No.
    >
    > Even if you still had the keys, you cannot delete them from the
    > keyservers. Some of the servers will allow deletion, but should
    > get the keys back again, when they sync with other servers.
    >
    > For future reference, when you create a key, you should also
    > generate a revocation certificate, that you store in a safe
    > place, so you can send it to the key servers if/when necessary.
    >
    > One thing you can do now, is generate a new key, and add a userid
    > such as "do not use keyid 0x?????. Private key destroyed",
    > so anyone searching the keyserver using your name will hopefully
    > see it, and choose the newer key.
    >
    > Regards, Dave Hodgins



    Thanks for the tips Dave. I'll create the keys you suggested. to
    create a revocation certificate w/ PGP 8 do i just add a revoker? or
    is that another way to revoke certs?

  4. Re: deleting keys from keyserver w/o private key

    On 10 Sep 2003 15:08:08 -0700, sydemon wrote:
    > Thanks for the tips Dave. I'll create the keys you suggested. to
    > create a revocation certificate w/ PGP 8 do i just add a revoker? or
    > is that another way to revoke certs?


    PGP 8 does allow you to specify a revoker, but I've never tried using it.

    What I do, is ...
    - Create a backup of the keyring files.
    - Revoke the key
    - Export the revoked key to a file
    - Copy the exported file to a backup
    - Without pgp running, restore the keyrings from the backup.

    Keep the file with the exported revoked key, in a safe place, so
    you can send the revoked key to the keyservers easily, when/if
    needed.

    This doesn't really do much, since, if you have backups of the
    keyrings, you can revoke the key later.

    You can send the file containing the revoked version of the key,
    to someone you trust, who can revoke your key for you, if needed.

    The main thing, is to make sure you keep copies of your keyrings,
    in safe places.

    Regards, Dave Hodgins

  5. Re: deleting keys from keyserver w/o private key

    "sydemon" wrote in message
    news:49cf01cc.0309101408.4cb8cf39@posting.google.c om...
    > "David W. Hodgins" wrote in message

    news:...
    > > On 10 Sep 2003 10:34:53 -0700, sydemon wrote:
    > >
    > > > I'm a noob and in learning how to use PGP i created and uploaded
    > > > several keys to the keyserver. i then deleted the keys locally, but
    > > > they are still on the server. i then learn that i should've revoked
    > > > the keys, then uploaded them, to get them off the server. now is
    > > > there any way to get the keys off the server, since i don't have the
    > > > private key locally, i foolishly deleted them.

    > >
    > > No.
    > >
    > > Even if you still had the keys, you cannot delete them from the
    > > keyservers. Some of the servers will allow deletion, but should
    > > get the keys back again, when they sync with other servers.
    > >
    > > For future reference, when you create a key, you should also
    > > generate a revocation certificate, that you store in a safe
    > > place, so you can send it to the key servers if/when necessary.
    > >
    > > One thing you can do now, is generate a new key, and add a userid
    > > such as "do not use keyid 0x?????. Private key destroyed",
    > > so anyone searching the keyserver using your name will hopefully
    > > see it, and choose the newer key.

    >
    > Thanks for the tips Dave. I'll create the keys you suggested. to
    > create a revocation certificate w/ PGP 8 do i just add a revoker? or
    > is that another way to revoke certs?


    A revocation certificate is something that some versions of PGP (and related
    apps) allow you to create separately, but with PGP 8, you should backup the
    key, revoke it, back up the _revoked_ version, then restore the original. If
    you loose the original private key, load the revoked version and publish
    that.

    A revoker is another private key that is permitted to publish a revocation
    certificate on your key (I guess this works by encrypting a revocation
    certificate to the corresponding public key and attaching it to your public
    key). One of my trusted friends is a revoker on my key, so that if
    everything goes wrong my key can still be revoked. But if we fell out, he
    could revoke my key without my permission.

    I've seen some key servers (don't ask me which ones - you'll just have to
    google to find them all to check) allow you to 'hide' a key. This means that
    unless you actually search for the key by its KeyID, it won't be returned by
    searches, and this isn't affected by the server synchronising with the other
    servers. However, you need to do this to all the servers individually, and
    not all of them allow it, particularly if you cannot prove that you are the
    original owner of the key.

    -----BEGIN GEEK CODE BLOCK-----
    Version 3.12
    GU>M d- s+:- a--- C++(++++) !U W++(+++) N+(++) o K? w+(--) ?O M>++ V? PS+
    PE-@ Y+(++) PGP++ t+(*) 5 X R(+) tv(-) b+(+++) DI++++ D G e(*) h!>--- r++
    z+>+++
    ------END GEEK CODE BLOCK------



  6. Re: deleting keys from keyserver w/o private key

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    "Gamma3000" wrote in
    news:3f60dfba@shknews01:


    > A revoker is another private key that is permitted to publish a
    > revocation certificate on your key (I guess this works by encrypting a
    > revocation certificate to the corresponding public key and attaching
    > it to your public key). One of my trusted friends is a revoker on my
    > key, so that if everything goes wrong my key can still be revoked. But
    > if we fell out, he could revoke my key without my permission.



    Just a reminder: This Designated Revoker has little function outside a
    corporate environment. When a Designated Revoker revokes a key, it will
    not show as revoked unless you also have the Designated Revoker's key on
    your keyring.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.2
    Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

    iQEVAwUBP2D3WWDeI9apM77TAQJOBQgAjl9TOjZOaTBP646Nzm exebnKiPe1EOPZ
    D5cApMbDBLe3OkP18/5RRxbSK4ir9KOtqMOJ1GgwuA4YgMgePCLk3iaS6tDdCWbD
    lFoSucAtPuApu3qrfL3x8W9aXpppmkPWOEjeR7hcfvD5Sn0crz yML4hlYiBqp67r
    KopmBhC25zHW3wUhTSVLr87Yb2UqI5G+/deeogPZ8ZZrJ877t5zEpVZRHj1h4NSS
    HQ6tWXYuHVJ4c4hfjwvK4CpObGZ67fHzYf2z7f+gvVtphhmGmw KCuGUQhiaJTJpo
    9lRXJOAhNsBB6/FkK63ZC9bAfDvLtEcnVxOqV/uuhUVqlCgwe0cpzg==
    =DtB8
    -----END PGP SIGNATURE-----

+ Reply to Thread