-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Lawrence Chin escribió:
> (1) It turns out that I got a revocation certificate made long time ago > for the current key I'm using (8e758d5f) with the file name > "[EMAIL PROTECTED] (0x8e758d5f) rev.asc" and saved on a CD. So, if I > need to revoke this public key in the future, I just upload it to the > keyserver? IIRC, you would need to import the certificate to your keyring, and then upload the key to the keyserver... once you have done that, there is no coming back... And I think if you do that, you will revoke the whole key, with all its UID... the only time I imported a revocation certificate, the key just had one UID, so I am not 100% sure about that. And it was very easy to import it (indeed, I didn't intend to do it). > (2) So I used OpenPGP key management, "file" -> "export key to file" to ... > file consists of a public key block and a private key block. Now, if my > computer ever crushes and I have to start everything over again, like > downloading GNUPG and Enigmail again, do I just upload these 4 asc files > and thus regain my keys again? Is this what is known as "back up"? Not upload, you need to import these files to your keyring... it is easy to do. And yes, that is the meaning of "backup"... a backup is a file or set of files, that allow you to restore the info to the state is was before the disaster. Of course, if you modify one of your keys, you need to export that key again, since the backed up file would not contain the modification... > (3) So I generated a revocation certificate for the older, first > experimental key for this kurtc account of mine, which I never seemed to > have uploaded to a keyserver. Here is the log: ... > c:\Program Files\GNU\GnuPG> > --------------------------------------------------------------- > I typed in the correct passphrase at my third try. Now, where can I find > this revocation certificate? I don't even know the file name!!! Good question... I think it should be in the same folder where your backup key files were exported... and the name should be something like the one you showed us in the question n°1, something like "email address (keyID number) rev.asc". If it is not there, it could be at C:\Documents and Settings\YourWindowsUserName\ or maybe in the GnuPG folder, since you was working at that folder when you generated the rev certificate. By the way, I use Enigmail's Key Manager to generate easily the rev certificates. Also, if you want to revoke a key which you still control (I mean, you have the key, and you remember the passphrase), you don't need to use the revocation certificate, you can revoke the key using Enigmail's Key Manager, or by using GnuPG command line, or using GPGshell if you have installed it... the revocation certificate can be used to revoke the keys even if you forgot the passphrase... so please keep it out from reach of children ;) > Hopefully soon I'll get out of my newbie status and become able to help > someone too! Yes, maybe we can answer the easy question, and leave the hard ones to the experts... Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJI3ulaAAoJEMV4f6PvczxAgd4IAJWNDJs+sfhfQWxQHgoDjw7C ybdOfpYwP2jxK3x8pl3MrvYk6ghIzBBwIe4lYoVWtboUfu7F5Vu00HaYUwL3PMQo yjygpXY8vZd6u6gnFoInCup9xJCw5jmLXH7KNvwcSWRVm9LHhu9IhFpx+qWZOXB3 EEBhXBospRwPYzJF0YY6/zDtFIu+a9pEwclM3FhMo/G/DXeJvbX92KfOAzghpYjH iBjjik7gg3ky47b92zaqTvldjl7MQVM/9ekxkohiPXTOgAaiC5OPlt8qDDoPHfks yhLKHEVQEMKjmmf49BROYfl04TRb3vIefcxSPPgyu0M2hflHDk74fG3HGh4/ZeQ= =mloW -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
