Revocation certificate for sub key?

Hauke Laging mailinglisten at
Sun Dec 15 02:54:43 CET 2013

Am Sa 14.12.2013, 17:01:23 schrieb adrelanos:
> > Am Fr 13.12.2013, 22:56:07 schrieb adrelanos:
> >> Hi,
> >> 
> >> Is it possible to create a revocation certificate just for sub keys and
> >> not the master key?
> > 
> > --edit-key 0x12345678
> > key 1
> > revkey
> That's doesn't create a revocation certificate, that revokes the key.

It does create a revocation certificate. But it imports it automatically. 
There is a simple solution, maybe (matter of taste) easier than dkg's 

Make a backup of the key (i.e. export both secret and public key), do the 
above, export the certificate (public key), delete both secret and public key 
and import your backup. The exported certificate contains the revocation 

You may reduce the file by deleting all but one UIDs and all other subkeys 
after the backup and before the revkey.

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131215/82bacced/attachment.sig>

More information about the Gnupg-users mailing list