[newbie] Revoking vs deleting public keys
Tue Aug 5 02:11:03 2003
On 04-Aug-2003, Ediprogrammer@aol.com wrote:
> When do you recommend revoking versus deleting a public key?

Delete a key when you don't want to use it.
Revoke a key when you don't want anyone else to use it.

The main reason to revoke your key is because you have reason to believe
it has been compromised -- someone has possibly gained access to the
secret key, for example.

The trouble is, many of the scenarios where you want to revoke a key
involve you no longer having access to the secret key -- which is
required to generate a revocation certificate! This catch-22 is
resolved by the recommendation to generate a revocation certificate when
you create the key, and keep it unused against the possibility of
wanting to revoke the key in the future.

\ "If you don't know what your program is supposed to do, you'd |
`\ better not start writing it." -- Edsger W. Dijkstra |
Ben Finney <firstname.lastname@example.org>
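
The catch-22 described in the message above, as an added example that is not part of the original post: a revocation certificate is generated right after key creation, and later revokes the key from a keyring that holds only the public key. It assumes GnuPG 2.1 or later; the identity, the file names and the function name `revoke_without_secret_key` are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GnuPG 2.1 or later.
# The identity and both keyrings are constructed throwaways under mktemp.

revoke_without_secret_key() {
    work=$(mktemp -d) || return 1
    mkdir -m 700 "$work/old" "$work/new" || return 1
    old() { gpg --homedir "$work/old" --no-tty --quiet "$@"; }
    new() { gpg --homedir "$work/new" --no-tty --quiet "$@"; }
    answers='y\n1\n\ny\n'  # confirm, reason 1 (compromised), no description, confirm
    late=no

    # Key creation on the original machine (empty passphrase only for the demo).
    old --batch --pinentry-mode loopback --passphrase '' --quick-generate-key \
        'Demo User <demo@example.invalid>' default default never 2>/dev/null || return 1
    fpr=$(old --batch --with-colons --list-keys |
          awk -F: '$1 == "fpr" { print $10; exit }')

    # Generate the revocation certificate now, while the secret key exists,
    # and keep it unused (offline, away from the key itself).
    printf "$answers" | old --command-fd 0 --output "$work/revoke.asc" \
        --gen-revoke "$fpr" 2>/dev/null || return 1

    # Later: a keyring that holds only the public key (secret key lost).
    old --batch --armor --export "$fpr" > "$work/pub.asc" || return 1
    new --batch --import "$work/pub.asc" 2>/dev/null || return 1

    # The catch-22: without the secret key no new certificate can be made.
    printf "$answers" | new --command-fd 0 --output "$work/late.asc" \
        --gen-revoke "$fpr" >/dev/null 2>&1 || true
    [ -s "$work/late.asc" ] && late=yes

    # The certificate stored at creation time still revokes the key.
    new --batch --import "$work/revoke.asc" 2>/dev/null || return 1
    state=$(new --batch --with-colons --list-keys "$fpr" |
            awk -F: '$1 == "pub" { print $2; exit }')

    for h in old new; do
        gpgconf --homedir "$work/$h" --kill gpg-agent 2>/dev/null || true
    done
    rm -rf "$work"
    echo "late_cert=$late status=$state"  # validity field r means revoked
}

revoke_without_secret_key
```

Anyone who obtains the stored certificate can revoke the key, so it needs the same care as a backup of the secret key.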