Revocation
Ingo Klöcker
ingo.kloecker@epost.de
Sat Dec 22 22:04:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 22 December 2001 20:33, Richard B. Tilley (Brad) wrote:
> Hello freedom loving GNUpg users!
>
> I have a revoke.asc file in case something should ever happen to my
> secret key. Is it a good idea to encrypt the revoke.asc file? Could
> encrypting it with the key it is meant to revoke cause problems? I
> store revoke.asc in my .gnupg directory. I do not want to print it
> out on paper.
It's a very bad idea to encrypt the revoke.asc file because if you ever
loose your secret key or forget the passphrase you'll never be able to
revoke the corresponding key pair afterwards because you won't be able
to decrypt the revocation certificate.
The reason for creating a revocation certificate and storing it at a
safe place (i.e. not on your hard disk but on paper or an external
medium) directly after generating a new key pair is that this
certificate will always allow you to revoke your key even if you loose
your secret key for some reason (head crash, stolen PC, forgotten
passphrase, etc.).
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8JPB+GnR+RTDgudgRAo+mAJ4mEi2fPCvL18ljQqDwtHMwQAeCsQCgwj6y
Sox7SWFctGukOTa7rr7Oslg=
=SOW6
-----END PGP SIGNATURE-----