Batch mode for revocation certificate and key editing: security p roblem?

Burkhalter Christoph
Fri Feb 15 08:35:01 2002

Hi all

I am playing with the idea to change the sources of gpg, so that
 - a revocation certificate can be made in batch mode (after creating the
key in batch mode)
 - keys can be edited in batch mode (trust, sign, ...), controlled by
another application

I tried it out and (with relatively little changes) have a test-version,
that is behaving like this. It reads from an input file that can be defined.
What I had to do for this: Create a sub-key (for signing only) without a

Now my question: Why was this not possible up to now? Is it a security issue
to revoce and edit automatically (aside of creating a sub-key for signing
without a passphrase)?

Thanks for any input
-- chris