invalid gpg key revocation

Hauke Laging mailinglisten at
Thu Mar 8 00:52:39 CET 2012

Am Donnerstag, 8. März 2012, 00:39:11 schrieb Faramir:
> El 07-03-2012 18:24, MFPA escribió:
> ...
> >> Only your private key can generate the revocation certificate,
> > 
> > Can't you add another key as a designated revoker, and then
> > generate the revocation certificate with that other private key?
>   You are right, I forgot that because I don't really know how to do
> that (and I don't know who would I make my designated revoker). Lets
> ask if there was a designated revoker, that would explain it all.

The statement "Only your private key can generate the revocation certificate" 
is not wrong, at least not in a useful understanding which is: "It is 
impossible to revoke a key without using the private key." As you need the 
private key to add a designated revoker just in the same way as you need the 
private key in order to add/revoke UIDs, subkeys and so on.

You need the command --edit-key and in its menu the command addrevoker.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120308/f5631ee3/attachment.pgp>

More information about the Gnupg-users mailing list