Y
Hacker News
new
|
ask
|
show
|
jobs
by
ckastner
3597 days ago
Linus' fake key [1], as well as all the others from the random sample I took, have been revoked as of today.
[1]
http://pgp.mit.edu/pks/lookup?op=vindex&search=0xEA185A5E76E...
.
1 comments
brians
3597 days ago
So the evil32 people kept the private keys. That's exciting.
link
mpasternacki
3597 days ago
Not necessarily, they might have just generated revokation certs which are separate (so that they can be used in case your private key is lost). Keeping a revokation cert would be a responsible thing to do, just in case something like this happens.
link
eridius
3597 days ago
They had an old backup that contained the private keys. See this comment
https://news.ycombinator.com/item?id=12298230
link