-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 8/9/2012 4:30 PM, Kristian Fiskerstrand wrote: > On 08/10/2012 01:09 AM, Doug Barton wrote: >> Maybe I'm missing something in this conversation, and if so I >> apologize. But how would attaching the revocation cert to a key >> be possible in the scenario where the user lost the password? > > Hi Doug, > > The discussion entail having generated a revocation certificate > using --gen-revoke while having the passphrase and private key > (should usually be done at key generation and stored at a safe > place, and is short enough that a printed copy can be stored and > manually typed need be)
Yes, I got that bit. :) > At the time of key revocation it is then appended to the public > key using import, hence doesn't require a passphrase, the same way > as A doesn't need B's passphrase when signing B's public key. Ah, that's the bit I was missing ... thanks. Doug - -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (MingW32) iQEcBAEBCAAGBQJQJEjHAAoJEFzGhvEaGryENKoH/juba+wx0KcwdS4xfLH/3x+z CLsNORNgucU+UwXC3+tXXMrqVfDCMaemsmWbjO0t0VJX3Q6C7rjc96NgVlSBHC5S zfcDOOMQFG5oGiWxRzJCYSJ1wHkCOnDO2UZlKRQ/jC4RisONP804cvyRhBgq/EEh htz10bMYKkWL1FbbLI8Sa1K6AwcHlQfPHMArS7hAIS85ArJ+bzTIEBINdbow6WP1 LO5Ny8S6ujNM4CL/ph1w4NzAvcOi9iJmgvd5Hhl+nPhFKNRce7pI+qeVy7S7+pND 6BKD70YBbzUGx/RqS5T9sttJg1MX1+8a90V33k6nWAzwSwq8LVaag440Wpnz91M= =jqP5 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users