Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
securesaml
5mo ago
0 comments
Save
Share
it is less of a problem for revoking attacker's keys (but maybe it has access to victim's contents?).
agreed it shouldn't be used to revoke non-malicious/your own keys
0 comments
3 comments · 1 top-level
top
newest
oldest
nebezb
5mo ago
· 2 in thread
The poster you originally replied to is suggesting this for revoking the attackers keys. Not for revocation of their own keys…
securesaml
OP
5mo ago
there's still some risk of publishing an attacker's key. For example, what if the attacker's key had access to sensitive user data?
throwawaysleep
5mo ago
All the more reason to nuke the key ASAP, no?
j
/
k
navigate · click thread line to collapse
