Am Montag, 5. März 2012, 22:36:42 schrieb Ingo Klöcker: > I have verified that one can generate a revocation certificate without > entering a passphrase if one has previously signed something (e.g. an > email). So, it was probably just a very nasty prank.
I assume that ist possible only if the main key has been required for the action during which the passphrase has been cached. So having subkeys for encryption and signing should protect from this "problem". Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users