[ale] Revoking a gpg key?
greg at turnstep.com
greg at turnstep.com
Fri Jan 24 07:34:17 EST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I have reason to revoke a key. Would the best way to do this be to
> add the revocation cert I generated to my keyring, upload it to the
> keyservers then generate a new key?
>
> What's "the best" way to go about this from a technical and etiquette
> standpoint?
You've pretty much got it. Upload the revocation cert to at least a couple
of keyservers. Put a note on your new key about the old one being revoked.
Post the new key on the keyservers. Put the revocation certificate, your
new key, and an explanation on a web page somewhere and advertise that page
inside your new key as well as in your email sigs, etc. Mail anyone who
has signed your key and explain what has happened so that they get the
revocation certificate as well, and can possibly arrange to sign your
new key.
Revocation certificates are fairly rare; having to revoke a key for
a reason other than "lost the key/can't remember the password" is
even rarer. I'm sure others would be curious as to what happened. If
you can share it, please do so, especially if it encourages people
to take measures to prevent it from happening to them.
- --
Greg Sabino Mullane greg at turnstep.com
PGP Key: 0x14964AC8 200301240730
-----BEGIN PGP SIGNATURE-----
Comment: http://www.turnstep.com/pgp.html
iD8DBQE+MMt6vJuQZxSWSsgRAlMyAJ9FbbaHjeSTYBd8zTeuY/tuXyIScQCg+SmA
brBE8n65cOSIX5yQDIthn1U=
=anbC
-----END PGP SIGNATURE-----
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list