Revocation certificate for sub key?

adrelanos adrelanos at
Fri Dec 13 23:56:07 CET 2013


Is it possible to create a revocation certificate just for sub keys and
not the master key?

This would be useful for offline master keys. Trusted persons could be
given the revocation certificate for sub keys and send it to key servers
when they suspect compromise. But should the sub key revocation
certificate get into the wrong hands due to compromise, the damage would
be limited.


More information about the Gnupg-users mailing list