Revocation certificates [was: time delay unlock private key.]

Leo Gaspard ekleog at gmail.com
Thu Jan 23 21:25:26 CET 2014


On Thu, Jan 23, 2014 at 05:53:57PM +0000, nb.linux wrote:
> Hi Uwe,
> 
> Johannes Zarl:
> > So in short:
> >  - a delay won't help you
> >  - protect your private key so this won't happen
> >  - always use a strong passphrase
> and in addition: if you fear (or know) that your secret key was copied
> from your system, revoke it!
> To me, this is a very important feature of OpenPGP: _you_ can actually
> do something to reduce (not more, but also not less!) harm for yourself
> and others.
> And, you can be prepared for such an event (i.e. having created the
> revocation certificates in advance, stored them in a safe but accessible
> place, printed out on paper,...).

Actually, this is something I never understood. Why should people create a
revocation certificate and store it in a safe place, instead of backing up the
main key?

So long as the primary key is encrypted and the passphrase is strong, this
should not lead to any security danger. (Anyway, it's stored in a "safe" place.
And a revocation certificate misused is dangerous too, as it ruins a web of
trust.)

And the advantages of doing so are that in case of accidental erasing of the
private key (who never accidentally deleted an important file?), it also allows
the main key to be retrieved.

The primary key allows one to create a revocation certificate, not the other way
around. So, why store a safe revocation certificate?

Leo

PS: Please, do not tell me one might have forgotten his passphrase. In this case
there is no harm in shredding the secret key and waiting for the expiration
date, answering persons emailing you encrypted files that you lost your
passphrase. Anyway, in this case, you're screwed, and a revocation certificate
would be no better -- unless it was stored unencrypted, at the risk of having it
used when you do not want it to be.



More information about the Gnupg-users mailing list