[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Key Revocation



Hi,

as far as I unsterstood it, tarsnap uses symmetric keys for signing and
hashing data. You can submit the key to the server to authenticate
to the server and ensure that the data is transfered correctly.
This sounds very reasonable and secure to me.

However, I couldn't find a way to revoke a key, in case it is
compromised or lost. Is this a design descision, a drawback of
symmetric cryptography or have I simply overlooked something?

Regards,
Matthias-Christian