Re: Key Revocation

[Gleb Arshinov <gleb@barsook.com>]

It would be nice to be able to revoke keys.  Though for us at Acunote,
it's not a high priority, because we are small.

For personal/small business use unauthorized access to the key is an
extraordinary event.  It's fine to nuke that whole machine's data.
For corporate use, you need to revoke access more often -- it's a
function of # of people with access and turnover rate.  With enough
data stored and enough turnover nuking data is not a good option.

As such decoupling authentication part of the key from encryption, and
giving user better control over authentication would helpful. For all
the same reasons people change passwords.

Best regards,

Gleb

Colin Percival wrote:
> Robert Clemens wrote:
> > The only issue not easily resolvable on your own would be losing your
> > key entirely. This would have an effect
> > on the account as it would permanently drain funds for data storage that
> > is unusable. There are a couple scenarios
> > that would happen in this case.
> >  1) The funds (hopefully few) would be depleted and you would use
> > another account.
> >  2) The funds are plentiful (bummer) and you would need to contact Colin
> > for support on this. Not sure what his
> >    options are as of this time to do file or key deletion on your behalf
> > if you could prove your identity justly.
>
> Yes, if you lose your keys for a machine and can convince me that you are
> yourself, I can delete the data stored by that machine so that it doesn't
> keep on draining money from your account.