Batch mode for revocation certificate and key editing: security p
Fri Feb 15 08:35:01 2002
I am playing with the idea to change the sources of gpg, so that
- a revocation certificate can be made in batch mode (after creating the
key in batch mode)
- keys can be edited in batch mode (trust, sign, ...), controlled by
I tried it out and (with relatively little changes) have a test-version,
that is behaving like this. It reads from an input file that can be defined.
What I had to do for this: Create a sub-key (for signing only) without a
Now my question: Why was this not possible up to now? Is it a security issue
to revoce and edit automatically (aside of creating a sub-key for signing
without a passphrase)?
Thanks for any input