-----BEGIN PGP SIGNED MESSAGE----- Hi there, I started thinking about the issue, how to set up a system to have somebody else revoke your key for you, if you don't have the means to do so yourself. The possible case I had in mind was, what if you're maybe a dissident, you get arrested and your apartment (incl. disks/keys) gets raided. You don't have any means to revoke the key yourself, don't even have e-mail in general, and with the "one phone call", that your hopefully entitled to, you can't really do much... It might have been discussed before, but here is what I came up with: Peter (the dissident) creates a signed key revokation certificate and a list of the intended recipients for it. He archives the files and then encrypts the archive conventionally. He then sends the encrypted archive file to his trusted friends (or relatives) Alice and Bob, without the passphrase though. (Note: For additional security, the files within the archive may be encrypted with A. and B.'s public keys). Then Peter gives a sealed envelope to his lawyer (or anybody he trusts and who would know, if something happened to him), containing the passphrase and the names of Alice and Bob, incl. their respective phone/fax numbers, e-mail adresses and snail mail adresses with the instruction to notify them if necessary. The lawyer however, does not have the archive itself. Now, in case of an arrest, Peter calls his lawyer (he'd very likely be the first one to know) and thus he knows, that Peter's keys have been compromised. The lawyer now opens the envelope and gets in touch with Alice and Bob, telling them of Peter's misfortune, and he gives them the passphrase for the archive. He also sends them the same information in an encrypted/signed e-mail. (Note: Of course, Alice and Bob have to have the lawyers public key and his key must be signed by Peter and vice versa. Preferably, Alice and Bob have met the lawyer at some point and have verified his key first hand.) Thus they know, it was really Peter's lawyer, who gave them the information, not somebody else, who might have gotten possession of the envelope... Alice and Bob, however, do not immediately send out the revokation certificate, but try to verify the information from the lawyer with independent sources, such as Peter's relatives, friends etc.. Only if one or better both of them (they should be in contact with each other too) has/have enough reason to believe, that Peter is really in trouble and that his keys have been compromised, they decrypt the archive and send his key revokation certificate to the intended recipients (friends, key-servers etc.). Note1: The entire system relies on the trustworthiness of Alice and Bob and their effort, to verify the information, before they send out the revokation certificate. Note2: The described chain of information/verification could go different directions. Even if Peter's mom is the first one to know, she could call Alice and/or Bob and/or his lawyer {...}, who in turn verify the information with others... Note3: As additional backup for the case, that the lawyer can't get in touch with neither Alice nor Bob, he could have the same archive file, encrypted with a different passphrase (which he doesn't know). If he can't talk to Alice or Bob within a reasonable time period (let's say 3 days), Peter could give him the passphrase and so his lawyer himself sends out the revokation certificate. Note4: In case, Peter doesn't even get the one phone call, but happens to be in a country, where one just "disappeares", having his secret keys compromised should be the least of his problems... But even then, chances are, that the word gets out and Alice and Bob could act upon it. Please let me know, if you think, that such a scheme could work (or not work). Also I'd be grateful, if you'd copy replies to my private e-mail adress as well, for I am currently not subscribed to the CP list... Ciao Harka /*************************************************************/ /* This user supports FREE SPEECH ONLINE * */ /* and PRIVATE ONLINE COMMUNICATIONS! * * */ /* * * */ /* E-mail: harka@nycmetro.com * * */ /* * */ /* Finger or E-Mail for PGP public key. * * */ /* Key Size: 2047 / KeyID: 04174301 * * */ /* Fingerprint: FD E4 F8 6D C1 6A 44 F5 http://www.eff.org */ /* 28 9C 40 6E B8 94 78 E8 */ /*<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/ /* May there be peace in this world, may all anger dissolve */ /* and may all living beings find the way to happiness... */ /*************************************************************/ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAgUBMtsI6zltEBIEF0MBAQHo7wf9GQTU5u72gFVZ0LMr7hhTWSikYVDFvzGF bGopD01j6bq3g9jYQC3YC0pRGfA+y8Q3qDLRbeJ5qMm3iXZgv7Axu2PVeri7ZE7r +GWZjfMk9EFGY1t9Jf2Fnm9mSAV0Cgq02vyhns8fLqTH1jcNuinZZ61Hq1+oSDFs f7/qttsqLZmxeHU+VI/47U0xkuh4NXQk/aZlNUOr9Au9+PhqJwpa7EGYzmCBKTzl pu4QRyjNnvgIuec2wkwVn8uNevvlc/aQB65uU55+NOQnMINl2V4S3lRim9F7gGH+ DV6NiZxmjxCXbX0y4K+33BX1YIwBgYz5EArM1O1j32lOpThIb03jmA== =stfG -----END PGP SIGNATURE----- If encryption is outlawed, only outlaws will have encryption...