[OTR-users] Feature request- Revoke identity

Ian Goldberg ian at cypherpunks.ca
Thu Nov 17 16:11:35 EST 2005


On Thu, Nov 17, 2005 at 03:50:11PM -0500, Gregory Maxwell wrote:
> I'd like to be able to select any identity I have the private key for,
> and hit a revoke and replace button. This will create a new identity,
> with the old one tagged below it as revoked. Whenever I talk to
> someone with this new identity it will provide them with proof it knew
> the old identity's private key. The old identity is then marked in
> their list as revoked and the software should refuse to communicate
> over it, even if they have not yet verified the new identity (if an
> attacker has my key I couldn't be more pleased if he went around using
> it to revoke it rather than using it to impersonate me!)

Looks pretty easy, but I think the details may be tricky.  Just create a
revocation cert at the time you create the key.  Store it on disk,
alongside the key.  You should back up the revocation cert list, even if
you don't back up your private keys.

Then I can send you revocation certs, but you'll need to remember all
the ones you ever see, in case I send you "Revoke key A", but you've not
(yet) heard of key A, but later on, you do.  And will you have to keep
sending that revocation forever?  Or should there be some negotiation
like "Here's a hash of my entire revocation history" / "yup; I've got
all that, thanks"?

The wire protocol wouldn't have to change for this; a new TLV for
"revocation certificates" should work fine.  Older clients would just
ignore it, which is as good a behaviour as you could expect.

Can you file an RFE on sourceforge for this so we don't forget?  ;-)

The other hard part, of course, is making this make sense to people who
have never heard of keys or certificates or encryption.

   - Ian
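An added example, not from this thread and not libotr code, sketching in Go the design Ian outlines: a revocation cert signed at key-creation time and kept beside the key, a peer-side store that checks the cert's self-signature and remembers revocations even for keys it has not seen yet, the rule from the request that a revoked key is refused even before any replacement is verified, and a history hash for the "yup; I've got all that" negotiation. Ed25519 from the Go standard library stands in for OTR's DSA keys, SHA-256 of the public key stands in for the OTR fingerprint, and the TLV wire encoding is left out; all of those are assumptions of the sketch.

```go
// Added example, not libotr code: a sketch of the revocation-certificate scheme
// the thread discusses, on Ed25519 from Go's standard library. Real OTR identities
// are DSA keys; the fingerprint here is just SHA-256 of the key (an assumption).
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// RevocationCert is what the proposed "revocation certificates" TLV would carry:
// the key plus a self-signature, so a peer can check and remember a revocation
// of a key it has never seen until that key turns up.
type RevocationCert struct {
	Pub ed25519.PublicKey
	Sig []byte
}

type Identity struct {
	Pub  ed25519.PublicKey
	Priv ed25519.PrivateKey
	Cert RevocationCert // made at key-creation time, kept beside the key
}

func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// A fixed prefix keeps a revocation from being confused with any other signature.
func revocationStatement(pub ed25519.PublicKey) []byte {
	return []byte("otr-revoke:" + Fingerprint(pub))
}

func NewIdentity() (*Identity, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	sig := ed25519.Sign(priv, revocationStatement(pub))
	return &Identity{Pub: pub, Priv: priv, Cert: RevocationCert{Pub: pub, Sig: sig}}, nil
}

// PeerStore: every valid revocation ever seen (known key or not) plus verified fingerprints.
type PeerStore struct {
	revoked  map[string]RevocationCert
	verified map[string]bool
}

func NewPeerStore() *PeerStore {
	return &PeerStore{revoked: map[string]RevocationCert{}, verified: map[string]bool{}}
}

// AddRevocation keeps only self-signed certs, so a bare "revoke key A" from a
// third party cannot take a key out of service.
func (s *PeerStore) AddRevocation(c RevocationCert) bool {
	if len(c.Pub) != ed25519.PublicKeySize ||
		!ed25519.Verify(c.Pub, revocationStatement(c.Pub), c.Sig) {
		return false
	}
	s.revoked[Fingerprint(c.Pub)] = c
	return true
}

func (s *PeerStore) MarkVerified(pub ed25519.PublicKey) { s.verified[Fingerprint(pub)] = true }

// MayTalkTo refuses a revoked key outright, even before any replacement is verified.
func (s *PeerStore) MayTalkTo(pub ed25519.PublicKey) (usable, verified bool) {
	fp := Fingerprint(pub)
	if _, gone := s.revoked[fp]; gone {
		return false, false
	}
	return true, s.verified[fp]
}

// HistoryHash is the "hash of my entire revocation history" for the negotiation step.
func (s *PeerStore) HistoryHash() string {
	fps := make([]string, 0, len(s.revoked))
	for fp := range s.revoked {
		fps = append(fps, fp)
	}
	sort.Strings(fps)
	sum := sha256.Sum256([]byte(strings.Join(fps, "\n")))
	return hex.EncodeToString(sum[:])
}

func main() {
	me, _ := NewIdentity()
	peer := NewPeerStore()
	peer.MarkVerified(me.Pub)
	peer.AddRevocation(me.Cert) // what "revoke and replace" would send over the wire
	usable, _ := peer.MayTalkTo(me.Pub)
	fmt.Println("revoked key usable:", usable, "history:", peer.HistoryHash()[:16])
}
```

Two peers comparing HistoryHash values can tell in one exchange whether anything still needs re-sending; the store is what has to be backed up on the receiving side, just as the revocation cert list is on the sending side.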


