[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Invalidate tarsnap key?

To: Colin Percival <cperciva@tarsnap.com>, tarsnap users <tarsnap-users@tarsnap.com>
Subject: Re: Invalidate tarsnap key?
From: Arthur Chance <freebsd@qeng-ho.org>
Date: Fri, 18 Mar 2022 14:01:57 +0000
In-reply-to: <25a5ae72-2718-bf47-8f19-afaf9fe077a3@tarsnap.com>
References: <618997bd-3ee7-234b-9db8-8b89e53986d2@qeng-ho.org> <25a5ae72-2718-bf47-8f19-afaf9fe077a3@tarsnap.com>

On 18/03/2022 00:07, Colin Percival wrote:
> On 3/17/22 08:17, Arthur Chance wrote:
>> Is it possible to invalidate an existing tarsnap key so it cannot be
>> used in future. I have a key for a decommissioned machine so it's no
>> longer needed and hypothetically it could be used for DoS attack (by
>> creating bogus archives and draining the account funds). Obviously this
>> is impossible unless the key leaks somehow, but operational paranoia
>> would suggest invalidating it would be a good idea.
> 
> The API for disabling keys is "send Colin an email". ;-)

So API = Application Programmer's Initiative. :-)

> At some point in the indefinite future it should be possible to do this
> via the Tarsnap website.
> 

Thanks Colin.

-- 
All network cabling aspires to the condition of macramé.

References:
- Invalidate tarsnap key?
  - From: Arthur Chance <freebsd@qeng-ho.org>
- Re: Invalidate tarsnap key?
  - From: Colin Percival <cperciva@tarsnap.com>

Prev by Date: Re: Invalidate tarsnap key?
Next by Date: experimental Tarsnap packages for Ubuntu 22.04 jammy amd64
Previous by thread: Re: Invalidate tarsnap key?
Next by thread: experimental Tarsnap packages for Ubuntu 22.04 jammy amd64
Index(es):
- Date
- Thread