Generating revocation certificate
André Ockers
andre at ockers.eu
Sat Apr 6 20:24:11 CEST 2019
Hi mr. Reichelt and list,
Op 06-04-19 om 18:32 schreef Markus Reichelt:
> * André Ockers <andre at ockers.eu> wrote:
>
>> Op 06-04-19 om 15:04 schreef Markus Reichelt:
>>> gpg -a --output andre at ockers.eu.asc.revoke --gen-revoke 7CD3FBC8F6005ED5
>> This leads to the following:
>>
>> gpg: secret key "7CD3FBC8F6005ED5" not found: eof
> i'm using on slackware64-current (if you are using windows, all hands
> are off)
>
> gpg --version
> gpg (GnuPG) 2.2.15
> libgcrypt 1.8.4
I'm using (up to date) Trisquel
$ gpg --version
gpg (GnuPG) 1.4.20
$ gpg2 --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
> it looks to me you are lacking access to the secret key - you
> need it in order to be able to create a revocation cert. but since
> you are able to still sign mails (to this list, e.g.) that key must
> be there still.
>
> if you run "gpg --list-keys andre at ockers.eu" (with gpg2)
>
> does that fingerprint show up?:
>
> 0288A46FA7FF9A9B5BF64D6B7CD3FBC8F6005ED5
$ gpg2 --list-keys andre at ockers.eu
pub rsa4096/F5FE3668 2014-07-31 [SCA] [revoked: 2018-12-29]
uid [ revoked] Andr� Ockers <andre at ockers.eu>
uid [ revoked] Andr� Ockers <ao at fsfe.org>
pub rsa4096/F6005ED5 2018-12-29 [SCA]
uid [ultimate] Andr� Ockers <ao at fsfe.org>
uid [ultimate] Andr� Ockers <andre at ockers.eu>
(plus a subkey)
> anyhow, if you lost (access to) that key in question, it's too late
> to create a revocation cert. best practice is to deal with that when
> deploying a new key.
I already made a revocation certificate with Enigmail.
Thank you.
Best regards,
André Ockers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190406/a5126cbe/attachment.sig>
More information about the Gnupg-users
mailing list