Clarification on how revokation works

Chris De Young chd at
Thu Dec 2 00:40:44 CET 2004


This is probably a dumb question, but I just want to clarify how key 
revokation works...

Am I correct in thinking that really only the public key of a key pair is 
what is revoked?  (Though the secret key isn't all that useful without the 
public key being valid, of course.)

We have, in addition to people's individual keys, a shared key used for 
sending encrypted material to a group of people.  Each member of the group 
received a copy of the secret key with a temporary passphrase, then 
(presumably) changed the passphrase to something of their own.

Any member of the group with the secret key can revoke that key, 
effectively for everyone - right?

At a basic level, revoking a key is really just a matter of creating a 
signed statement saying "this key is no longer valid," yes?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20041201/a8656af1/signature.bin

More information about the Gnupg-users mailing list