Le 2017-10-31 à 13:01, Peter Lebbing a écrit : > Revocations are done by the primary key. If the user has lost the secret > primary, they should fetch their revocation certificate, not fool around with > the subkeys ;-). (Incidentally, this is why you don't need revocation > certificates for individual subkeys.)
True, though this applies to the primary key too---I was thinking of all signatures, really. But if you consider that correct then it is only accidentally so :) > [1] Lachlan indicates "lost" is also treated as "signatures before revocation > date remain valid", but I haven't checked myself. I would recommend checking this yourself, as a quick google didn't find it, and I haven't had a chance to do more thorough research. Thanks, Lachlan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
