[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using MacPGP to revoke a key...



At 08:13 8/3/95, Adam J. Gerstein wrote:
>Sorry to bother y'all with such an amateur question, but I can't find this
>in TFM, so I figured I'd ask those who are more in the know.....
>
>Anyway, I'm considering revoking my public key because it's been out there
>a while and I'm feeling the urge to change to a larger key, but I'm not
>clear on how to revoke the old one. Do I just make a text file with my new
>key in it, explain that I'm revoking the old one, sign it with my new key
>and then post it to the list? Or do I just send it to a keyserver?
>
>Again, I'm sorry to be asking y'all about something so easy. I don't want
>to start a whole new thread about this, so if you've got something helpful
>to add, please send it via private mail.

There is no need to revoke the old key - you just create a new key with
both the old and new keys and send it to the KeyServer. The normal PGP
"Default" when there are more than one key with the same Email Address is
to use the last one (which would be last in the keyring as well as have the
latest date). By leaving the old key as NOT revoked it can still be used
but will tend to be replaced by the new longer key as people get your key
from the Server.

If you DO want to revoke the old key, you just send the Revocation
Certificate to the KeyServer along with the new longer key (but note that
then, I think you will not be able to decode messages sent with the old
key).