OT: Revoking Old Keys... my problem

Adrian 'Dagurashibanipal' von Bidder avbidder at fortytwo.ch
Fri May 7 09:36:39 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 06 May 2004 13.14, Greg Sabino Mullane wrote:
> > Just remember that you can't store the revocation certificate in
> > an encrypted form, so anybody hacking your webmail account
> > (or any sysadmin...) could revoke your key.
>
> Of course you can encrypt it. It's just a file like any other, so
> just "gpg -ca" and then you can store it anywhere you like, where
> you at least have the additional barrier of another password to
> learn before the revocation cert can be used.

Well, of course you can encrypt it. But how likely are you to remember 
how you encrypted it when you have to use an emergency revocation 
password?

I should have said that I don't recommend to encrypt it - it should be 
accessible no matter what happens.

cheers
- -- vbi


- -- 
Today is Boomtime, the 54th day of Discord in the YOLD 3170
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: get my key from http://fortytwo.ch/gpg/92082481

iKcEARECAGcFAkCbPItgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjUmbWQ1c3VtPTVkZmY4NjhkMTE4NDMyNzYw
NzFiMjVlYjcwMDZkYTNlAAoJECqqZti935l6tIUAmwZE8k/I4B7XmyTUg53xO2Xh
LQQSAJ4sAQnwOiH+R10wT4KO5z+EfbP/7A==
=IWV7
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list