OT: Revoking Old Keys... my problem
Adrian 'Dagurashibanipal' von Bidder
avbidder at fortytwo.ch
Fri May 7 09:36:39 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 06 May 2004 13.14, Greg Sabino Mullane wrote:
> > Just remember that you can't store the revocation certificate in
> > an encrypted form, so anybody hacking your webmail account
> > (or any sysadmin...) could revoke your key.
> Of course you can encrypt it. It's just a file like any other, so
> just "gpg -ca" and then you can store it anywhere you like, where
> you at least have the additional barrier of another password to
> learn before the revocation cert can be used.
Well, of course you can encrypt it. But how likely are you to remember
how you encrypted it when you have to use an emergency revocation
I should have said that I don't recommend to encrypt it - it should be
accessible no matter what happens.
- -- vbi
Today is Boomtime, the 54th day of Discord in the YOLD 3170
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: get my key from http://fortytwo.ch/gpg/92082481
-----END PGP SIGNATURE-----
More information about the Gnupg-users