Revocation certificates [was: time delay unlock private key.]

Robert J. Hansen rjh at sixdemonbag.org
Thu Jan 23 22:27:58 CET 2014


> Actually, this is something I never understood. Why should people create a
> revocation certificate and store it in a safe place, instead of  
> backing up the main key?

A "safe place" for a revocation certificate may be vastly different  
from a "safe place" for a backup of your certificate.  For instance,  
if you're married you may be completely comfortable storing a  
revocation certificate in a locked desk drawer to which your spouse  
also has a key, but you may not wish to leave a backup of your  
certificate there.  In the event of divorce proceedings the worst your  
now-aggrieved spouse can do is revoke your certificate; your spouse  
won't have access to your private key as well.

And yes, a strong passphrase is still the strongest bar against these  
backups being misused -- but unless you've got an eye-poppingly strong  
passphrase, your best bet is to rely on denying attackers access to  
the data as well as the passphrase.

(I've often told people I'd be happy to post my private key to this  
mailing list in order to prove my claim that with a strong passphrase  
you have nothing to fear -- I never said I wouldn't grab 32 bytes from  
/dev/random, base64 encode them, and use that as a passphrase.  That  
counts as eye-poppingly strong, I think...)
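An added example, not code from the post or from GnuPG itself: a POSIX shell script that builds a passphrase the way the post describes (32 random bytes, base64 encoded) and then shows, in a throwaway keyring, why a revocation certificate is less sensitive than a backup of the private key. It assumes coreutils `head`/`base64` and, for the revocation part only, GnuPG 2.1 or later; the demo user id and temporary GNUPGHOME are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the mailing-list post). Assumes a POSIX shell,
# coreutils head/base64 and, for revocation_demo only, GnuPG 2.1+.

# Passphrase as described in the post: 32 random bytes, base64 encoded.
# /dev/urandom is the non-blocking interface to the same kernel CSPRNG.
gen_passphrase() {
    head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# The strength comes from the raw random bytes, not from the 44 encoded
# characters: 32 bytes give 256 bits of entropy.
passphrase_entropy_bits() {
    echo $(( $1 * 8 ))
}

# In a temporary keyring: generate a key protected by such a passphrase,
# then import the revocation certificate GnuPG 2.1+ writes to
# openpgp-revocs.d. The key ends up revoked although neither the private
# key nor the passphrase is ever used, which is exactly why the two
# artifacts can live in differently trusted "safe places".
revocation_demo() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed; skipping"; return 0; }
    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    pp=$(gen_passphrase)
    gpg --batch --quiet --pinentry-mode loopback --passphrase "$pp" \
        --quick-generate-key "Demo <demo@example.invalid>" default default 0 || return 1
    fpr=$(gpg --batch --with-colons --list-keys | awk -F: '/^fpr:/ {print $10; exit}')
    rev="$GNUPGHOME/openpgp-revocs.d/$fpr.rev"
    # GnuPG prefixes the armor header with ':' so the file is not imported by accident;
    # strip it to obtain an importable certificate.
    sed 's/^://' "$rev" > "$GNUPGHOME/revoke.asc" || return 1
    # Importing the revocation needs no private key and no passphrase.
    gpg --batch --quiet --import "$GNUPGHOME/revoke.asc" || return 1
    gpg --batch --with-colons --list-keys "$fpr" | grep -q '^pub:r:' || return 1
    echo "key $fpr is now revoked without touching the private key"
    rm -rf "$GNUPGHOME"
}

revocation_demo || echo "revocation demo did not complete (see messages above)"
```

Run it as an ordinary user; the demo never touches your real `~/.gnupg`.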