Proper revocation
kwadronaut
kwadronaut at aktivix.org
Tue Mar 13 10:24:38 CET 2012
Big thanks to Daniel who helped me once again by putting me on the right
track.
On 07/03/12 21:16, Daniel Kahn Gillmor wrote:
> "editing" a revocation certificate doesn't make much sense, since if you
> modify the certificate, you'll invalidate the signature. Better to
> think of it as discarding an existing revocation certificate and
> creating a new one.
A solution, with some comments in between the commands, so people can't
simply copy-paste but think about what they're doing.
$ cd $(mktemp -d)
Mind what you're doing, others might be able to read in that directory.
$ gpg --export $KEYID | gpgsplit -v
I think gpgsplit people deserve a big thank you.
$ gpg --expert --delete-keys 0x3F6C6602
expert because it would usually be a silly thing to do; removing the
pubkey when there's still a private key for it.
gpg: there is a secret key for public key "$KEYID"!
gpg: use option "--delete-secret-keys" to delete it first.
$ rm 000002-002.sig
Don't know what packet you need to remove, but you know what a backup
is, right?
$ cat * | gpg --import
ciao,
kwadronaut
apologies to the list-maintainer for extra work
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120313/72caf558/attachment.pgp>
More information about the Gnupg-users
mailing list