Renewal of revocation certificate required after adding a new identity?

Hauke Laging mailinglisten at hauke-laging.de
Mon Oct 13 00:35:20 CEST 2014


On Sun 12.10.2014, 23:35:16 Dr. Peter Voigt wrote:
> Can I still use my existing revocation certificate with my key pair

Yes.


> I am supposing the revocation certificate just refers to my main
> key ID regardless of the identities belonging to the key pair.

To the fingerprint (or: the key data itself).

http://tools.ietf.org/html/rfc4880#section-5.2.1

0x1F: Signature directly on a key
       This signature is calculated directly on a key.  It binds the
       information in the Signature subpackets to the key, and is
       appropriate to be used for subpackets that provide information
       about the key, such as the Revocation Key subpacket. [...]

BTW: You can test this. You don't kill the key / certificate as long as 
you do not upload the revocation certificate to the keyservers. Just 
make a backup of the public and the private keys (maybe not even 
necessary but may be easier).

As long as you import the rev cert just locally you can delete it. Or 
delete (and restore from backup) the whole key if the rev sig cannot be 
deleted alone.


Something else, doesn't have anything to do with your question but may 
be of interest as you work at a university:

http://www.openpgp-schulungen.de/fuer/hochschulen/


Hauke
-- 
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
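
The reply above says the revocation certificate is tied to the key data, not to the identities. The following added example (not part of the original message) builds the octets that RFC 4880 section 5.2.4 says a V4 key revocation signature (type 0x20) is computed over and shows they do not change when a user ID is added, while a certification (type 0x13) does depend on the user ID. The key material, user IDs, algorithm choices and helper names are constructed for illustration.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: two-octet bit count, then the value."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def key_prefix(key_body: bytes) -> bytes:
    """0x99, two-octet length, public-key packet body (RFC 4880, 5.2.4 and 12.2)."""
    return b"\x99" + struct.pack(">H", len(key_body)) + key_body

def v4_fingerprint(key_body: bytes) -> str:
    """V4 fingerprint: SHA-1 over the same prefixed key octets."""
    return hashlib.sha1(key_prefix(key_body)).hexdigest().upper()

def v4_trailer(sig_type: int, hashed_subpackets: bytes) -> bytes:
    """Hashed part of a V4 signature plus the final 0x04 0xFF length trailer."""
    # Assumed for the example: public-key algorithm 1 (RSA), hash algorithm 8 (SHA-256).
    head = bytes([4, sig_type, 1, 8]) + struct.pack(">H", len(hashed_subpackets)) + hashed_subpackets
    return head + b"\x04\xff" + struct.pack(">I", len(head))

def signed_digest(sig_type: int, cert: dict, hashed_subpackets: bytes, uid_index: int = 0) -> str:
    """SHA-256 over exactly the octets a V4 signature of this type covers."""
    data = key_prefix(cert["key_body"])
    if 0x10 <= sig_type <= 0x13:  # certifications also hash the user ID they bind
        uid = cert["user_ids"][uid_index].encode("utf-8")
        data += b"\xb4" + struct.pack(">I", len(uid)) + uid
    # 0x20 (key revocation) hashes only the key, so cert["user_ids"] is never read
    return hashlib.sha256(data + v4_trailer(sig_type, hashed_subpackets)).hexdigest()

# Constructed sample data: a toy RSA public-key packet body, not a real key.
CREATED = 1413153320
KEY_BODY = bytes([4]) + struct.pack(">I", CREATED) + bytes([1]) + mpi(0xC0FFEE1234567891) + mpi(65537)
SUBPKTS = b"\x05\x02" + struct.pack(">I", CREATED)  # signature creation time subpacket

before = {"key_body": KEY_BODY, "user_ids": ["Alice <alice@example.org>"]}
after = {"key_body": KEY_BODY, "user_ids": before["user_ids"] + ["Alice <alice@uni.example>"]}

if __name__ == "__main__":
    print("fingerprint      :", v4_fingerprint(KEY_BODY))
    print("0x20 before/after:", signed_digest(0x20, before, SUBPKTS) == signed_digest(0x20, after, SUBPKTS))
    print("0x13 uid0 vs uid1:", signed_digest(0x13, after, SUBPKTS, 0) == signed_digest(0x13, after, SUBPKTS, 1))
```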