[OTR-users] Feature request- Revoke identity
Gregory Maxwell
gmaxwell at gmail.com
Thu Nov 17 15:50:11 EST 2005
Perhaps this should have been made at the last protocol change... but I
didn't have cause for it until now...

I'd like to be able to select any identity I have the private key for,
and hit a revoke and replace button. This will create a new identity,
with the old one tagged below it as revoked. Whenever I talk to
someone with this new identity it will provide them with proof it knew
the old identity's private key. The old identity is then marked in
their list as revoked and the software should refuse to communicate
over it, even if they have not yet verified the new identity (if an
attacker has my key I couldn't be more pleased if he went around using
it to revoke it rather than using it to impersonate me!)

I thought it might also be useful if users exchanged lists of revokes
to ensure the revocation gets around quickly, but there are too many
privacy problems with that ("oh, you also know user X").

The application is if you are aware that your key has been compromised
you can quickly cause other users to stop using it to prevent
impersonation. If you actually lose the key then you couldn't create
revokes, ... but I guess we can't have everything.

I have no clue if this can be easily fit into the current protocol,
but I feel confident that we should eventually have the feature.
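One way the "revoke and replace" proof sketched above could be structured, as an added example that is not OTR code and not part of the original post: the old key signs a binding of its own public key to the replacement, the recipient verifies that signature, marks the old identity revoked, records the new one as still unverified, and refuses to talk over the revoked one. Ed25519, the `revoke-and-replace:` domain tag and the `Contact`/`Keyring` types are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"errors"
)

// Revocation is the "revoke and replace" proof: the old key signs a binding of its own public key to the new one.
type Revocation struct {
	OldPub, NewPub ed25519.PublicKey
	Sig            []byte
}

func revokeMsg(oldPub, newPub ed25519.PublicKey) []byte {
	return append(append([]byte("revoke-and-replace:"), oldPub...), newPub...) // prefix is an assumed domain tag
}

// RevokeAndReplace runs on the owner's side: a fresh identity plus proof from the old private key.
func RevokeAndReplace(oldPriv ed25519.PrivateKey) (ed25519.PrivateKey, Revocation) {
	newPub, newPriv, _ := ed25519.GenerateKey(nil) // nil reader selects crypto/rand
	oldPub := oldPriv.Public().(ed25519.PublicKey)
	return newPriv, Revocation{oldPub, newPub, ed25519.Sign(oldPriv, revokeMsg(oldPub, newPub))}
}

type Contact struct{ Verified, Revoked bool } // a peer's view of one remote identity
type Keyring map[string]*Contact             // the peer's list of known identities, keyed by public key

// Apply checks the proof, marks the old identity revoked and adds the replacement as unverified.
func (k Keyring) Apply(r Revocation) error {
	if len(r.OldPub) != ed25519.PublicKeySize || !ed25519.Verify(r.OldPub, revokeMsg(r.OldPub, r.NewPub), r.Sig) {
		return errors.New("proof not signed by the old identity")
	}
	old, known := k[string(r.OldPub)]
	if !known {
		return errors.New("old identity unknown; nothing to revoke")
	}
	old.Revoked = true
	if _, seen := k[string(r.NewPub)]; !seen {
		k[string(r.NewPub)] = &Contact{} // stays unverified until the user checks it
	}
	return nil
}

// MayTalkOver refuses a revoked identity even while its replacement is still unverified.
func (k Keyring) MayTalkOver(pub ed25519.PublicKey) bool {
	c, ok := k[string(pub)]
	return ok && !c.Revoked
}
```

Because the proof is only checked against the old public key already in the recipient's list, a forged statement from a third party is rejected and changes nothing, while a genuine one blocks the old identity immediately without waiting for the new one to be verified.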