Revocation certificates

Leo Gaspard ekleog at
Thu Jan 23 23:15:16 CET 2014

On Thu, Jan 23, 2014 at 10:26:33PM +0100, Werner Koch wrote:
> On Thu, 23 Jan 2014 21:25, ekleog at said:
> > PS: Please, do not tell me one might have forgotten his passphrase. In this case
> > there is no harm in shredding the secret key and waiting for the expiration
> Experience has shown that this is the most common reason why there are
> so many secret keys on the servers which are useless.  Further, an
> expiration data is not set by default and waiting a year until the key
> expired is not a good option.

Oh? I thought the most common reason was test keys, and tutorials which explain
step-by-step how to make a keypair and push it on a keyserver, without telling
to put an expiration date. I, unfortunately, have myself put a few test keys on
the keyservers (whose passphrase I no longer have) without expiration date
before knowing they would never (?) be deleted, and am still remorseful about

And keys with an expiration date are someday deleted, while keys, even revoked,
without are never, are they?

BTW, revocation certificates are not produced by default either. So, why not
advise people to put an expiration date, instead of counselling them to generate
a revocation certificate?

> Further, it is also common that a secret key is lost (disk crash - no
> backup, backup not readable or too old) or simply stolen.  This has the
> same effect as a forgotten passphrase.  In particular in the stolen key
> case, you want to immediately revoke it and not wait until you can
> restore the key from a backup stored at some safe place.

Well, my question is then: Why not restore the key immediately (having stored it
at the place you would have stored the revocation certificate), and revoke it

> There are other rare scenarios, for example a high security key in a far
> away place, you are traveling and you want to immediately revoke the key
> for whatever reason.

These corner-case scenarios are ones I did not mean to discuss, sorry for not
having made them clear.

I'm also feeling I may have failed to make myself understood: I am not denying
the usefulness of revocation certificate, just the advice always popping out to
generate a revocation certificate in any case, without thinking of whether it
would be useful.

Cheers !


More information about the Gnupg-users mailing list