| ▲ | nebezb 3 hours ago | |||||||
The poster you originally replied to is suggesting this for revoking the attackers keys. Not for revocation of their own keys… | ||||||||
| ▲ | securesaml 3 hours ago | parent [-] | |||||||
there's still some risk of publishing an attacker's key. For example, what if the attacker's key had access to sensitive user data? | ||||||||
| ||||||||