Revocation certificate creation
olav at enigmail.net
Tue Feb 26 14:37:49 CET 2013
-----BEGIN PGP SIGNED MESSAGE-----
>> When creating a key using Enigmail, it asks the user to save a rev cert.
>> CLI should do the same.
> You mean printing a hint to create a recovation certificate would be
well, first it's just my opinion. Second, I'd vote for a hint _at least_.
I'd prefer a question to the user whether he/she wants to create one.
Same applies for the key backup itself!
Even with question, there should be one sentence explaining why the user
should care about it, like
If your private key is lost or broken or gets compromised, you might
want to mark your public key invalid if you (or someone) put it on a
public key server. You can do so using a revocation certificate.
Would you like to create a revocation certificate now?
(if yes, ask for typical "causes", maybe even multiple, IMHO no expert
freetext "cause" - those that do know this also know how to use args.)
[Farewell message prior to exiting] Mind to store a copy of your private
and public key <if rev cert was created>and the revocation certificate(s)
</if> on a reliable offline media and save that in a place only you have
Well, that's a lot to read, maybe there's a shorter way to tell but it
should be readable by the average user. Again: my personal preference.
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Gnupg-users