Revoke and expire

David Shaw dshaw at jabberwocky.com
Mon Jun 11 19:26:16 CEST 2007


On Mon, Jun 11, 2007 at 10:24:23PM +0530, Hardeep Singh wrote:
> Hi
> 
> When a key is revoked using the revocation certificate, does it have
> the same effect as reaching the expiry date of the key? In other words
> if I set a key to no expire but generate a revocation certificate, it
> is equally safe?

They're similar, but different.  A key that has reached its expiration
date is not usable, but a new expiration date can be put on it that
makes the key usable again.  A key that has been revoked cannot be
easily un-revoked.

Note that I'm talking about whole keys here.  It is possible to
un-revoke a revoked user ID on a key.

David



More information about the Gnupg-users mailing list