What are your opinions about revocation certificates, are they useful? Since I could revoke a key without the rev cert, as long as I have the private key, what's the reason for a rev cert? I understand that you could have a copy of a rev cert and revoke a key if you lose the private part of it, but you could just as well make a copy of the private key instead of the rev cert, as far as I can see.
I suppose there could be a situation where you have a really lousy password, so you don't want extra copies of your keys, but still want the possibility of revoking them. It seems like a very far fetched situation though, since you wouldn't want a lousy password in the first place. I must be missing something, or ... ?
Revocation cert - is it useful?
3 posts
• Page 1 of 1
Revocation cert - is it useful?
by Wamiduku » 7th Dec 2009 16:50
- Wamiduku
- Novice User
- Posts: 5
- Joined: 6th Dec 2009 21:47
Re: Revocation cert - is it useful?
by dan » 7th Dec 2009 19:35
If you ever forget your passphrase, your key pair becomes useless, so you should revoke it; this is impossible to do without a revocation certificate created in advance (since you need to know the passphrase to create a revocation certificate for your key pair).
-
dan - Experienced user
- Posts: 104
- Joined: 3rd Sep 2008 13:25
- Location: Geneva, Switzerland
Re: Revocation cert - is it useful?
by Wamiduku » 7th Dec 2009 19:45
Ah, that was what I was missing. I though that you needed the passphrase in order to use the revocation cert, but if you don't, then I see the point. Thx for the reply!
- Wamiduku
- Novice User
- Posts: 5
- Joined: 6th Dec 2009 21:47
3 posts
• Page 1 of 1