#121 Warn the user if they uploaded a public key to a keyserver and want to delete the secret key - GPG Keychain Access

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#121 new

Warn the user if they uploaded a public key to a keyserver and want to delete the secret key

Reported by Luke Le | January 11th, 2012 @ 02:51 PM

We've just had an issue where a user deleted their private key which was connected
to a public key uploaded to a keyserver.
He deleted the key because things were not working properly and create a new one.

Now his friend fetched the public key from the keyserver and send him an email, but
the email couldn't be decrypted because the secret key was already gone.

It's pretty trick to prevent this problem but one starting point could be if GPG Keychain Access checked the keyserver to see if the public key to a secret key was already published (also keep track of publish key actions directly in GPG Keychain Access) and
warned the user about the fact that their public key is on a keyserver and that if they deleted the secret key new message wouldn't decrypt anymore.

UPDATE: After some discussion we think it's best to export the secret key before deleting it. That way the user can always undo the operation, and since the key is still encrypted using its passphrase, it's just as secure as if it was still in the secring.gpg file.

Comments and changes to this ticket

Support January 11th, 2012 @ 02:52 PM
Assigned to Tender discussion #335.
Support July 26th, 2013 @ 03:40 PM
Assigned to Tender discussion #9943.
steve July 26th, 2013 @ 08:58 PM
- Title changed from “Warn the user if they uploaded a public key to a keyserver and want to delete the secret key.” to “Warn the user if they uploaded a public key to a keyserver and want to delete the secret key”
You flagged this item as spam.
mactrix August 2nd, 2013 @ 02:47 PM
- Assigned user set to “Support”
Did you guys change something in GPG Keychain Access 1.1?

Some people cannot remove my legacy key from the 24th of July. I only want them to use the key from the 25th but both keys show up in their list. I cannot decrypt their emails because I deleted the SC from the 24th and I cannot force them to only use my new key from the 25th.

This is all so frustrating...
Luke Le August 2nd, 2013 @ 02:50 PM
What happens if they try to delete it in GKA 1.1?
We didn't change anything concerning that.
You flagged this item as spam.
mactrix August 2nd, 2013 @ 03:27 PM
The removed key reappeared. I now solved the problem with one of them. The old key doesn't reappear anymore - for now. Maybe double check on your end if it's possible that removed keys can reappear in the GPG Keychain Access app.
You flagged this item as spam.
Mento February 24th, 2014 @ 01:29 PM
- Tag set to “keyserver”

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.