(foulty) revoking key
Neil Williams
linux at codehelp.co.uk
Wed Nov 17 18:05:34 CET 2004
On Wednesday 17 November 2004 8:23 am, Rafał Rudnicki wrote:
> - generated a proper pair of keys
> - generated revoke-cert (revoking certyficate / key)
> - did send the public key to keyserver
Good.
> - double clikked (by mistake) the revoke-cert file, that effected with
> revoking my key (locally, on my PC)
Bad.
(Blame your OS - there's no reason for a revocation certificate to have an
automatic action, it should be described as text/plain and load in a text
editor, NOT gpg.)
> - I DID NOT send the revoked key to key server (so the revoked key still is
> present there as a valid key)
Good - if you'd done the next bit properly. As it turns out, sending to the
keyserver was a bad thing.
> - deleted from HD all files related to the "old" / revoked key (public key,
> secret key, revocation file, all backups (it was done very effectively, I
> can not recover thye files even with a solid file recovery software)
BAD!!! There was no need to delete the secret key (or the revocation
certificate).
Panic is NOT a good tutor.
>
> the problem: how to revoke / delete the not valid key from keyserver having
> nothing else but the public key on this server and assphrase ?
You can't. You need one of two things:
1. the secret key AND passphrase (neither is adequate on their own) OR
2. the revocation certificate.
There's nothing you can do, your original key now joins the army of redundant
keys on keyservers that can never be used or revoked.
Next time, PRINT the revocation certificate, DELETE the revocation certificate
FILE and keep the print out very safe.
THINK before you go for the shredder.
--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20041117/649cb495/attachment.bin
More information about the Gnupg-users
mailing list