Paperkey for Revocation Certificates? (Feature-Request :-)

Sven Radde email at sven-radde.de
Mon Oct 6 08:22:42 CEST 2008


Hi!

Am Sonntag, den 05.10.2008, 20:11 -0400 schrieb Faramir:
>   Also, if the key is reconstructed (and provided the passphrase can be
> found somewhere), it should be easy to revoke it...

Actively revoking a key requires the passphrase and it requires a
trustworthy PC. When I'm currently trying to envision a scenario that
would require me to use any kind of paperkey backup of my GnuPG keys, I
am not so sure that I would have the latter readily available.

But yes, true... I see that one can argue that pre-generated revocation
certs are unnecessary if reliable key backups are established.
Or, rather, that the risk would be that when the key backups are
destroyed, the pre-generated revocation cert wouldn't survive either.

cu, Sven




More information about the Gnupg-users mailing list