invalid gpg key revocation

Daniel Kahn Gillmor dkg at
Mon Mar 5 19:12:06 CET 2012

On 03/05/2012 12:12 PM, auto15963931 at wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys. 
> If they had, I have to believe that there would have been more 
> damage done than this, and that does not appear to have happened. I 
> mention the details, which may seem irrelevant, only because 
> sometimes the devil is in the details.  This event has in fact 
> occurred, and I need to figure out how to explain it and prevent 
> it.

Without pointing to the key in question and the associated revocation
certificate, there isn't much that folks on this list can do to help
you.  Can you post a link to the key, or attach it to e-mail here?  or
publish it to the public keyservers, and refer to it by keyID?

If you aren't willing to share the key publicly for other folks to take
a look at, you might want to review the revocation certificate to be
learn a few things:

 * what key issued the revocation certificate?
 * when was the revocation issued (according to its internal timestamp)?
 * what cryptographic algorithms were used by the revocation
 * were the cryptographic bits correct?
 * what was the encoded reason for revocation?

You might find some clues to the above by exporting the key from your
public keyring and piping it to gpg --list-packets:

 gpg --export $keyid | gpg --list-packets

FWIW, if someone did compromise your secret key material, creating a
revocation certificate for your key is possibly the nicest thing they
could do with it.


More information about the Gnupg-users mailing list