[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Invalidate tarsnap key?

To: Arthur Chance <freebsd@qeng-ho.org>, tarsnap users <tarsnap-users@tarsnap.com>
Subject: Re: Invalidate tarsnap key?
From: Colin Percival <cperciva@tarsnap.com>
Date: Thu, 17 Mar 2022 17:07:15 -0700
In-reply-to: <618997bd-3ee7-234b-9db8-8b89e53986d2@qeng-ho.org>
References: <618997bd-3ee7-234b-9db8-8b89e53986d2@qeng-ho.org>

On 3/17/22 08:17, Arthur Chance wrote:

Is it possible to invalidate an existing tarsnap key so it cannot be
used in future. I have a key for a decommissioned machine so it's no
longer needed and hypothetically it could be used for DoS attack (by
creating bogus archives and draining the account funds). Obviously this
is impossible unless the key leaks somehow, but operational paranoia
would suggest invalidating it would be a good idea.


The API for disabling keys is "send Colin an email". ;-)

At some point in the indefinite future it should be possible to do this
via the Tarsnap website.

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

Follow-Ups:
- Re: Invalidate tarsnap key?
  - From: Arthur Chance <freebsd@qeng-ho.org>

References:
- Invalidate tarsnap key?
  - From: Arthur Chance <freebsd@qeng-ho.org>

Prev by Date: Re: Invalidate tarsnap key?
Next by Date: Re: Invalidate tarsnap key?
Previous by thread: Re: Invalidate tarsnap key?
Next by thread: Re: Invalidate tarsnap key?
Index(es):
- Date
- Thread