At 11:32 PM 1/14/97 -0500, harka@nycmetro.com wrote:

I started thinking about the issue, how to set up a system to have somebody else revoke your key for you, if you don't have the means to do so yourself. The possible case I had in mind was, what if you're maybe a dissident, you get arrested and your apartment (incl. disks/keys) gets raided. You don't have any means to revoke the key yourself, don't even have e-mail in general, and with the "one phone call", [.... method deleted .... lawyer, alice, bob, ... ]

Too complex for what you're really doing. Give your lawyer a floppy with the key revocation certificate and a yellow sticky about how to call Alice or Bob for help if your lawyer's not computer-literate enough to follow the README file. If you're paranoid about the cops getting your unindicted co-conspirators' names, use PGP Inc. or some computer consultant instead of Alice and Bob and have your lawyer pay their per-hour rate. On your One Phone Call, tell him to get the floppy out of the sealed envelope in his safe and use it. Key revocation certificates don't leak your private keys, so the only risk if the Bad Guys get a copy is denial of service, including the pain of rebuilding all your connections, etc.; it doesn't leak your communications or allow them to forge mail. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.)