Paperkey for Revocation Certificates? (Feature-Request :-)
Sven Radde
email at sven-radde.de
Mon Oct 6 08:22:42 CEST 2008
Hi!
Am Sonntag, den 05.10.2008, 20:11 -0400 schrieb Faramir:
> Also, if the key is reconstructed (and provided the passphrase can be
> found somewhere), it should be easy to revoke it...
Actively revoking a key requires the passphrase and it requires a
trustworthy PC. When I'm currently trying to envision a scenario that
would require me to use any kind of paperkey backup of my GnuPG keys, I
am not so sure that I would have the latter readily available.
But yes, true... I see that one can argue that pre-generated revocation
certs are unnecessary if reliable key backups are established.
Or, rather, that the risk would be that when the key backups are
destroyed, the pre-generated revocation cert wouldn't survive either.
cu, Sven
More information about the Gnupg-users
mailing list