Malformed Revokation Certificate?
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Fri Aug 10 01:30:38 CEST 2012
On 08/10/2012 01:09 AM, Doug Barton wrote:
> Maybe I'm missing something in this conversation, and if so I
> apologize. But how would attaching the revocation cert to a key be
> possible in the scenario where the user lost the password?
Hi Doug,
The discussion entail having generated a revocation certificate using
--gen-revoke while having the passphrase and private key (should usually
be done at key generation and stored at a safe place, and is short
enough that a printed copy can be stored and manually typed need be)
At the time of key revocation it is then appended to the public key
using import, hence doesn't require a passphrase, the same way as A
doesn't need B's passphrase when signing B's public key.
hth
--
----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Primum ego, tum ego, deinde ego
First I, then I, thereafter I.
----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120810/53f2f4d1/attachment.pgp>
More information about the Gnupg-users
mailing list