Revoking Old Lost Keys

[Bruce Baugh]

-----BEGIN PGP SIGNED MESSAGE-----

I'd like to bring up a problem I haven't seen addressed much yet, and which
I think is going to come up with increasing frequency as PGP use spreads.

The problem is this: how can one spread the word that an old key is no
longer to be used when one no longer has the pass phrase, and cannot
therefore create a revocation certificate?

In my case the problem is medical: thanks to autoimmune problems, I get
random memory loss from time to time. Sometimes it's big - like an entire
semester of my sophomore year of college. Sometimes it's small - like three
old pass phrases. So there are keys of mine floating around the key servers
that I don't want used, and which are just taking up space.

Others will have more mundane problems, like creating a key years ago and
just plain not using it. But as PGP use moves out of essentially pure-geek
communities into the surrounded net.world, accidents and other carelessness
_will_ happen. I'm curious as to what thoughts, if any, y'all have about how
to deal with it.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEPAwUBMO4fZH3AXR8sjiylAQHOqwfPbvjHnfM7WlbjjUrrmYQ6Diba2aJb0g2K
KjsgTAZ3hyUGcnSBRsMPAb+GTkf440SRvX3JxBsRKn0X0lzHvM6ejKducQPrlJyM
ter8C8kiwhZXLcNQiAVpOthrarO7qYqs9JBXmEIm2JwAXtO2SwhB8KsUxvHJpf5R
v2036MQb2DSpz1VwmPw6yJYSCy5WrvyT/bRCgJ1Tukx2N0AJ3+tEBeXO9BhpwkjZ
oGQPa1XtvcgUGsR1a+HKytz9RrBcgh8voXOBz3LmP1EZH0YEG0VA0a2ej/JUkwza
et55dxK8LuuwOz6qo/9QJ2kyGqo641nRLowCdjXI29wITQ==
=Asuu
-----END PGP SIGNATURE-----

Bruce Baugh
bruceab at teleport.com
http://www.teleport.com/~bruceab