log
54 entries in 0.305s
asciilifeform: if it reduces to the same thing, given lack of revocation mechanism
asciilifeform: ntion (such as a digital signature law, or a contract between members of an EDI system) and the validation of even conventional digital signatures involves reference to an online or at least near real-time certificate revocation list.'
asciilifeform: 'So if it is claimed that the Guy Fawkes protocol is not really a signature, then the onus would be on the objector to show how to deal with the many other kinds of signature that use interaction, as well as the importance of context — the framework of certification and revocation services, legal conventions and so on — to the utility of digital signatures. In most applications, the value of signatures ultimately depends on conve
asciilifeform: adlai: this is not the only problem with concept of 'revocation'.
adlai: re: the revocation thread from a couple days ago: why not require/expect keys, ratings, and revocations to be at least deeded, or better yet, spammed into the chain itself?
a111: Logged on 2016-08-23 21:41 asciilifeform: znort987: rather, yes, there was provision for it in the original openpgp spec, but it is a bogus concept because it entails a global repository of revocation messages and a universal agreement re what time it presently is.
asciilifeform: what do you do with a signature that took place after a revocation time, that you have ALREADY accepted as valid for some purpose ?
asciilifeform: revocation is a ~promise~, in that there is not such a thing, and never will be such a thing, as a magical lever that instantly makes a key stop working.
a111: 40 results for "revocation", http://btcbase.org/log-search?q=revocation
asciilifeform: $s revocation
asciilifeform: znort987: rather, yes, there was provision for it in the original openpgp spec, but it is a bogus concept because it entails a global repository of revocation messages and a universal agreement re what time it presently is.
asciilifeform: znort987: key revocation is not actually a thing
asciilifeform: this thread is quite reminiscent of the gpg key-revocation thread.
adlai: http://log.bitcoin-assets.com/?date=10-11-2015#1321117 << fwiw http://deedbot.org/deed-375398-2.txt is a prototype for upcoming RFC, "proof by example of the key revocation protocol"☝︎
trinque: reminds me of key revocation actually, in the bad way
ascii_butugychag: or the idiot pgp revocation cert sense
assbot: Logged on 28-12-2015 15:49:52; ben_vulpes: Softforks that explicitly create an incentive for their own revocation create an extraordinary moral hazard. << rather
ben_vulpes: Softforks that explicitly create an incentive for their own revocation create an extraordinary moral hazard. << rather
adlai: fwiw back when i had to cull a key, something to do with revocation certificates seemed to do the trick
deedbot-: [Qntra] IRS Declares Cryptome Charity 2 Days After Key Revocation - http://qntra.net/2015/10/irs-declares-cryptome-charity-2-days-after-key-revocation/
kakobrekla: prolly because of key revocation
mats: so, practically, i shouldn't even bother handling revocation signatures?
assbot: Logged on 15-05-2015 03:34:04; assbot: Logged on 14-05-2015 21:44:05; ascii_field: i'm kinda curious why mircea_popescu considers a new key signed with a previous key to not be a logical continuation of the same identity. (is it because of the impossibility of hard-guaranteed revocation, as discussed in previous thread?)
mats: key revocation
mircea_popescu: what revocation ?
mats: because search is broken i am having trouble discovering the revocation thread. anyone have a link, or would mind explaining implications for e.g. keyserver?
ascii_field: trinque: also not so easy. see the key revocation thread of last month.
assbot: Logged on 13-06-2015 22:26:32; pete_dushenski: 1) gpg version omitted, 2) revocation certification auto-generated, 3) auto-encrypt drafts, 4) warning message for idiots like travis patron that they're about to send an unencrypted reply to an encrypted message
pete_dushenski: 1) gpg version omitted, 2) revocation certification auto-generated, 3) auto-encrypt drafts, 4) warning message for idiots like travis patron that they're about to send an unencrypted reply to an encrypted message
assbot: Logged on 14-05-2015 21:44:05; ascii_field: i'm kinda curious why mircea_popescu considers a new key signed with a previous key to not be a logical continuation of the same identity. (is it because of the impossibility of hard-guaranteed revocation, as discussed in previous thread?)
ascii_field: i'm kinda curious why mircea_popescu considers a new key signed with a previous key to not be a logical continuation of the same identity. (is it because of the impossibility of hard-guaranteed revocation, as discussed in previous thread?)
funkenstein_: no public key - can't apply revocation certificate <--- gpg --import spits this out. what does it mean?
asciilifeform: picture if - the equalistas will step up their game now. i recall there already was talk of (soviet-style!) revocation of watson's degrees.
Dekker3D: Nop. It told me to add a revocation certificate first.
benkay: the important part is to generate revocation certs and store them offline, and removing the master key from the daily use device
danielpbarron: you could issue a twitter revocation message
benkay: made revocation certs?
ozbot: Heartbleed certificate revocation tsunami yet to arrive | Netcraft
asciilifeform: http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html
ninjashogun: Apocalyptic, I am trying to understand the architectural trade-offs in the Cardano, and, specifically, why the private key MUST be stored in the plain with no mitigation against loss. (Except key revocation, if the user is aware of it). Why it has to be "fail-dangerous" and not "fail-90% dangeorus"
benkay: thumbs up or down on revocation certs safely stored offline?
pankkake: tip for next time: save a revocation key :)
pankkake: supports revocation, too. basically bitcoin signatures are "lower level", you have a public/private key and that's it
pankkake: didn't save a revocation stuff either?
BingoBoingo: mircea_popescu: Yeah. I'm working on a report. The report will probably be in the form of a post titled "Fuckity Fuck Fuck" as I GPG sign a revocation of a certain address's message signing privileges.
davout: i'm just saying you're forgetting the main point of the revocation cert (in this specific context) in your answer
davout: but regarding the revocation cert it's still useful to have
pankkake: http://trilema.com/2013/snsa-first-product-the-cardano/#comment-95493 +1 especially the revocation certificate, which I forgot existed (though I have mine somewhere…)
davout: since you now have to handle revocation as well
thestringpuller: It was on the issue of gender revocation, or societies denial of gender "skills".
mircea_popescu: smickles basically some guy made a trust, but didn't properly account for revocation
OneEyed: And even a revocation would only happen if the key was really compromised
OneEyed: mircea_popescu: the only risk is a DOS, since you cannot remove anything from a key, only add to it - and if someone manages to sign a revocation certificate for someone else, well, that someone else will be happy to have the revocation added to his key!
OneEyed: mircea_popescu: out of curiosity, why don't you offer the possibility to update a key (expiration date, revocation)? It could be transferred the same way orders are, and that would make the system only more secure, wouldn't it?