[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Re: key-management problem
|
From: |
Bruce Stephens |
|
Subject: |
[Monotone-devel] Re: key-management problem |
|
Date: |
Thu, 16 Jun 2005 14:51:38 +0100 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) |
Peter Simons <address@hidden> writes:
[...]
> The problem is that _both_ keys have been used already. Just
> deleting one of them isn't an option (unless I can re-issue all
> certificates with the "other" key before deletion).
Ah. Presumably one key is used in one database, and the other in
another database (with which you want to sync)? (I presume netsync
wouldn't import things which didn't verify.)
> > In fact that's what I'd do: make a copy of the database,
> > then use dropkey on one of them, and try syncing.
>
> What is that going to achieve?
Nothing. Indeed, probably dropkey would refuse. However, if you had
a key which hadn't been used (you'd created it some time ago but never
used it and by accident created and used one with the same keyid in
another database), then that would be a way out.
It's probably not hard to write the necessary code to resign all the
relevant certs, but I can't think of any particularly good way to
recover without coding.