[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: invalid gpg key revocation
From: Hauke Laging <mailinglisten () hauke-laging ! de>
Date: 2012-03-05 23:13:43
Message-ID: 201203060013.44343.mailinglisten () hauke-laging ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Am Montag, 5. März 2012, 22:36:42 schrieb Ingo Klöcker:
> I have verified that one can generate a revocation certificate without
> entering a passphrase if one has previously signed something (e.g. an
> email). So, it was probably just a very nasty prank.
I assume that ist possible only if the main key has been required for the
action during which the passphrase has been cached. So having subkeys for
encryption and signing should protect from this "problem".
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
["signature.asc" (application/pgp-signature)]
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic