Automatically generating subkey revocation certificates
Werner Koch
wk at gnupg.org
Fri Dec 27 20:52:43 CET 2019
On Thu, 26 Dec 2019 23:04, Dirk-Willem van Gulik said:
> But this does not seem to happen when doing a --quick-add-key
> subkey. Is this intentional ? Or is there a flag one can set ?
Right. If you want to revoke a subkey we can assume that you still have
access to the primary key and thus it is possible to create a specific
revocation. If you don't have access to the primary key anymore, a
subkey revocation does not make sense because you can't create a new one
- in that case revoke the entire keyblock using the prefabricated
revocation.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191227/4420c008/attachment.sig>
More information about the Gnupg-users
mailing list