On 12/5/2008 4:08 AM, Eddy Nigg wrote [in part]: > On 12/05/2008 08:58 AM, Ian G [also in part]: > > > When I lose a key, all the old encrypted email is no >> longer readable ... which presumably happens when revocation happens as >> well. > > For your protection, yes.
That's contrary to the way OpenPGP works. With OpenPGP, a revoked key can no longer be used to encrypt or sign. However, the private part of a revoked key can still be used to decrypt files and messages that the public part encrypted before revocation; and the public part of a revoked key can still be used to verify a signature generated by the private part before revocation. That's one reason why revoked keys are not removed from public key servers (the main reason being to let others know about the revocation). -- David E. Ross <http://www.rossde.com/> Go to Mozdev at <http://www.mozdev.org/> for quick access to extensions for Firefox, Thunderbird, SeaMonkey, and other Mozilla-related applications. You can access Mozdev much more quickly than you can Mozilla Add-Ons. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
