Problem deleting my key from HTTP keyserver

Problem deleting my key from HTTP keyserver

Post by Neil D. Jackso » Sat, 02 Dec 2000 04:00:00



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Recently, a friend signed my PGP key with the wrong one of his set of
keys. He used his 'revocation' key by mistake and while there's
nothing wrong with this, I want to remove that particular signature
because it seems some people are wary of anything with the word
'revocation' in it, regardless of whether their fears are
ill-founded.

The process is, as I understand it:
1) delete the faulty signature from my local keyring's copy of my key
2) delete my key completely from any keyservers that it is stored on
3) upload my new, repaired key to those keyservers, and the job is
done.

I've managed to do this with the certserver.pgp.com keyserver (and
hence, the pgp.mit.edu one, which is actually the same server).
However, I cannot delete it from http://pgp.uk.demon.net:11371/ -
presumably because this is an HTTP-based server, and therefore it has
no way to validate that my authorisation for the delete has been
given. I cannot find an LDAP route into this server, so it seems it
will remain there forever.

My main worry is that the 'wrong' key will ultimately pollute the
'new' key somehow, by the servers resynching themselves, or someone
uploading the 'wrong' version to the certserver. Is this a valid
fear? And does anyone know who is responsible for maintaining the
Demon keyserver, and how I'd go about removing the 'wrong' key from
there?

Thanks in advance,

- --

Neil D. Jackson

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOie/d0VeX2k4RdWSEQIkKACfX/pCA+ykZ3A4TNGKt19/jlyI8Z4AoMbZ
QhSYMl+M5aStybbmFC56f4Oj
=B51q
-----END PGP SIGNATURE-----

 
 
 

Problem deleting my key from HTTP keyserver

Post by Phil Harriso » Sat, 02 Dec 2000 04:00:00




Quote:

>I've managed to do this with the certserver.pgp.com keyserver (and
>hence, the pgp.mit.edu one, which is actually the same server).
>However, I cannot delete it from http://pgp.uk.demon.net:11371/ -
>presumably because this is an HTTP-based server, and therefore it has
>no way to validate that my authorisation for the delete has been
>given. I cannot find an LDAP route into this server, so it seems it
>will remain there forever.

Have you tried contacting Demon and asking if they can remove it for
you? You appear to be posting via Demon, so I assume you are a customer
of theirs.

--
Phil Harrison

 
 
 

Problem deleting my key from HTTP keyserver

Post by Neil D. Jackso » Sat, 02 Dec 2000 04:00:00


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Quote:

> Have you tried contacting Demon and asking if they can remove it
> for you? You appear to be posting via Demon, so I assume you are a
> customer of theirs.

Er, I'll be honest, no, I haven't. Yet.

Alas, there is no 'recognised contact address' for the Demon pgp
server (it doesn't appear to be part of the standard customer tools -
like much of Demon's really advanced kit, it's unsupported). Also,
from experience, unless you know exactly who to contact at Demon for
a given item (especially if it's unsupported), you can expect to
spend a fair portion of the rest of your life playing 'phone tag'
<grin>

I was posting here in the hope of finding some other Demon user had
previous experience with the PGP server there, and would be able to
pass the correct contact info on to me. Very often this
'peer-to-peer' route to a solution works much faster (and probably
with many ISPs than just Demon).

Thanks - I will try your suggested route, after I've stoked up on the
Valium and taken out another life-insurance policy.<g> Meantime, I'll
give the posting a little more time to propagate, and see what comes
of it.
Regards
Neil

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOifQT0VeX2k4RdWSEQJgVQCZAcLZlmnLDVleBMfpc8dRoV1DQxwAoIOZ
ihf5fdhMzPgQ2fIYXD7YkOnN
=ZmxB
-----END PGP SIGNATURE-----

 
 
 

Problem deleting my key from HTTP keyserver

Post by Ray J. Dio » Mon, 04 Dec 2000 11:21:45


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Neil,
You might try the other newsgroups that begin with DEMON.  When I
lived in England, I found the groups usually helpful.  I don't
remember all of them but you should be able to download and look what
might be appropriate (all 22,000+ of them :-) )

Ray



> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1



> > Have you tried contacting Demon and asking if they can remove it
> > for you? You appear to be posting via Demon, so I assume you are
> > a customer of theirs.

> Er, I'll be honest, no, I haven't. Yet.

> Alas, there is no 'recognised contact address' for the Demon pgp
> server (it doesn't appear to be part of the standard customer tools
> - like much of Demon's really advanced kit, it's unsupported).
> Also, from experience, unless you know exactly who to contact at
> Demon for a given item (especially if it's unsupported), you can
> expect to
> spend a fair portion of the rest of your life playing 'phone tag'
> <grin>

> I was posting here in the hope of finding some other Demon user had
> previous experience with the PGP server there, and would be able to
> pass the correct contact info on to me. Very often this
> 'peer-to-peer' route to a solution works much faster (and probably
> with many ISPs than just Demon).

> Thanks - I will try your suggested route, after I've stoked up on
> the Valium and taken out another life-insurance policy.<g>
> Meantime, I'll give the posting a little more time to propagate,
> and see what comes of it.
> Regards
> Neil

> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use
> <http://www.pgp.com>

> iQA/AwUBOifQT0VeX2k4RdWSEQJgVQCZAcLZlmnLDVleBMfpc8dRoV1DQxwAoIOZ
> ihf5fdhMzPgQ2fIYXD7YkOnN
> =ZmxB
> -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOimugajzIBQvSLmaEQJGmACfazPeUc2bpfNJU6cnYHdbp9/k5vIAoKMi
RQuH0dBuA1wXCOBdKlfQskxm
=qWq5
-----END PGP SIGNATURE-----