Security Key Management
This cluster focuses on discussions about managing cryptographic keys, particularly challenges like revoking compromised keys, handling key loss or theft, regeneration, and recovery without backups.
Activity Over Time
Top Contributors
Keywords
Sample Comments
Why do you think they can revoke the keys?
Two keys. You don't want to be involved in the mess when one of the keys gets in your opinion compromised.
It does not back up keys. In case of a key loss, a new one is generated and all your contacts get a warning that your key changed.
Still an improvement. Keys can be revoked and regenerated.
I think idea is that you don't backup secret key material.You should add multiple keys to your logins and have a "backup" key which is separate one.Especially when you lose physical key, you want to have different one and revoke lost one asap.The same with private keys generated on a device - private key should stay on the device on which it was generated and never copied. If you need access from a different device you generate private key on another device and transfer p
why is that a problem? a well oiled practice for revocation in case of compromise sounds like a good thing to me.
How do you restore access if a user's private key is lost or compromised?
can you explain key management? is it via the user's password? what happens if passwords are lost or changed?
What happens if you lose or damage your key? Is there some sort of backup/recovery or fallback scheme?
hm. I guess these are the early days for the industry where providers are figuring this stuff out. I won't be surprised to see them add that. yes, you can lose keys, even (especially) if they are digital!