OT: Revoking Old Keys... my problem
Steve Butler
sbutler at fchn.com
Thu May 6 16:54:16 CEST 2004
Sure you can encrypt it. Just what are you going to do when you lose the
secret key and are unable to decrypt it (which is the reason you have a
separate revocation certificate in the first place)? Just which foot are we
shooting here?
-----Original Message-----
From: Greg Sabino Mullane [mailto:greg at turnstep.com]
Sent: Thursday, May 06, 2004 4:14 AM
To: gnupg-users at gnupg.org
Subject: Re: OT: Revoking Old Keys... my problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Just remember that you can't store the revocation certificate in
> an encrypted form, so anybody hacking your webmail account
> (or any sysadmin...) could revoke your key.
Of course you can encrypt it. It's just a file like any other, so
just "gpg -ca" and then you can store it anywhere you like, where
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
More information about the Gnupg-users
mailing list