Revoking a certificate (--edit-key + revsig)

Teemu Likonen tlikonen at
Fri Jun 16 09:06:38 CEST 2017

My question is simple (kind of): In what situations would you revoke a
certificate that you have made on someone else's key? (Technically:
--edit-key + revsig.)

Background concepts: When we sign a key (--edit-key + sign) we certify a
particular user id, the link between the user id and person (or
sometimes group) identity. Something like that. It's difficult to put
this concrete enough but abstract enough to cover all cases but you know
what I mean.

But what would you say about conceptual meaning of revoking such
certificate (--edit-key + revsig)? Maybe the link between the key or a
particular user id and the actual person or group identity has been cut:
person lost his secret key or just password and can't control the key
anymore. So maybe by revsig a person gives a signal that he knows the
link has been broken and tell people to not rely on his certificate
anymore. Am I right?

/// Teemu Likonen   - .-..   <> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: </pipermail/attachments/20170616/c7ad434a/attachment.sig>

More information about the Gnupg-users mailing list