Ian G wrote:
> Michael Ströder wrote:
>> Eddy Nigg wrote:
>>> On 12/05/2008 08:58 AM, Ian G:
>>>> When I lose a key, all the old encrypted email is no
>>>> longer readable ... which presumably happens when revocation happens as
>>>> well.
>>> For your protection, yes.
>> ???
> If the private key is no longer available, yes, encrypted data
> technically cannot be decrypted anymore.
> Note the decision here to store the email in private-key encrypted form,
> instead of (for example) cleartext or re-encrypting it with the master
> password.
I think it's the right behaviour to store it with the key used to
decrypt the message. Note that this key is not necessarily in the
key3.db. It could be on a smartcard for which key recovery is enabled in
the CA backend.
Also note that you might have also lost your master password.
There are also S/MIME-enabled MUAs which have another local storage
policy. AFAIK the S/MIME standard does not mandate any policy for local
storage of encrypted e-mail.
> This raises a lot of questions; why this implicit choice makes sense to
> a user, for example, and what happens when a key is lost: will the user
> ever return to using crypto ever again?
If your MUA stores encrypted e-mail as is (like I prefer) you have to
preserve the key history. That's not news and one can deal with it
easily as discussed in my other postings. I concur that a profile
backup/restore facility would be admirable for Mozilla products.
> I then started thinking about revocation, as the official way to "lose"
> the key,
You don't lose your private key if the accompanying public-key cert was
revoked and AFAIK it's not forbidden by any standard to use it to
decrypt archived data. Only the validity status of the public-key cert
is changed.
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
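As an added example (not from this thread, nor Mozilla or NSS code), a Go sketch of the key-history behaviour Michael describes: mail is archived as received, every private key the user ever held is retained and selected by a recipient identifier, and the certificate's revocation status is never consulted when decrypting. The Envelope type and the SHA-256 key identifier are constructed simplifications standing in for CMS EnvelopedData and its RecipientInfo.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
)

// Envelope is a simplified stand-in for CMS EnvelopedData: the content is
// RSA-OAEP encrypted for one recipient, identified by a hash of its public
// key (a constructed identifier standing in for issuer/serial or key id).
type Envelope struct {
	RecipientID [32]byte
	Ciphertext  []byte
}

func keyID(pub *rsa.PublicKey) [32]byte {
	return sha256.Sum256(x509.MarshalPKCS1PublicKey(pub))
}

// Encrypt seals a short message for pub and records who it was sealed for.
func Encrypt(pub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{RecipientID: keyID(pub), Ciphertext: ct}, nil
}

// KeyHistory keeps every private key the user ever held, not only the
// current one; a MUA that stores mail as received needs exactly this.
type KeyHistory map[[32]byte]*rsa.PrivateKey

func (h KeyHistory) Add(k *rsa.PrivateKey) { h[keyID(&k.PublicKey)] = k }

// Decrypt picks the recipient key by id. Whether that key's certificate
// has since been revoked or superseded is irrelevant here; only whether
// the private key is still available decides if archived mail is readable.
func (h KeyHistory) Decrypt(e *Envelope) ([]byte, error) {
	priv, ok := h[e.RecipientID]
	if !ok {
		return nil, errors.New("private key for this message is no longer available")
	}
	return rsa.DecryptOAEP(sha256.New(), nil, priv, e.Ciphertext, nil)
}
```

A profile that drops the old key on rotation (the "current only" history) is exactly the case where archived mail becomes unreadable, independent of any revocation.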