Hello,
I am learning about PGP4Win and have a few basic questions.
I am curious about the revocation process. I read your response to Ramon, which is very helpful. I’d like to follow up with some clarification questions.
You wrote:
gpg -o --gen-revoke
…where is the name of the file you want to save the certificate to, and is the ID of the key you want to be able to revoke. You can also use the “-a” switch to generate the file in ASCII instead of binary. So, for example, typing:
gpg -a -o revoke.txt --gen-revoke ABCD1234
I am not clear on the terminology. Is the “key” the file? For example, if I have a public key as User1.asc and a private key as User1Secret.gpg, could I use the following command to generate a revocation certificate? (The secret key was generated by using Kleopatra, right mouse clicking on my certificate, and then choosing “Export Secret Keys”.)
gpg -o User1SecretKeyRevoke.gpg --gen-revoke User1Secret.gpg
Would that work?
Also, on a different website, it mentioned the following:
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-key-revocation.html
Assuming you have a key revocation certificate previously made (or a backup copy of your secret key ring with which you can generate one now), upload the revocation to one of the public key servers. Prior to uploading the revocation certificate, you might add a new ID to the old key that tells what your new key ID will be. If you don’t have a backup copy of your secret key ring, then it will be impossible to create a revocation certificate under the present version of PGP. This is another good reason for keeping a backup copy of your secret key ring (or at the very least generate a revocation certificate).
I would like more clarification on “Prior to uploading the revocation certificate, you might add a new ID to the old key that tells what your new key ID will be.” Can you please elaborate on that statement? In particular, what is the new ID and how do I add it to the old key?
Thank you.
Best regards,
Kevin
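
The revocation steps quoted in the post, run end to end in a throwaway keyring. This is an added example, not part of the original post or of the reply it quotes. It assumes GnuPG 2.1 or later and a constructed test key with an empty passphrase; the helper names (gpg_q, first_fpr, first_validity, revoke_demo) are made up for the illustration.

```bash
#!/usr/bin/env bash
# Added example. Works in throwaway keyrings under a temp dir, never ~/.gnupg.
# The key is a constructed test key with an empty passphrase; file names
# mirror the ones in the post. Assumes GnuPG 2.1 or later.

gpg_q() { gpg --batch --quiet --no-tty --pinentry-mode loopback --passphrase '' "$@"; }

# Field 10 of the first "fpr" record is the primary key fingerprint.
first_fpr() { gpg_q --list-keys --with-colons | awk -F: '$1=="fpr"{print $10; exit}'; }

# Field 2 of the "pub" record is the validity flag; "r" means revoked.
first_validity() { gpg_q --list-keys --with-colons | awk -F: '$1=="pub"{print $2; exit}'; }

# Runs in a subshell so the caller's GNUPGHOME is left alone.
revoke_demo() (
  work=$(mktemp -d) || return 1

  # Stand-in for Kleopatra's "Export Secret Keys": create a test key and
  # export its secret part to a file.
  export GNUPGHOME="$work/origin"; mkdir -m 700 "$GNUPGHOME" || return 1
  gpg_q --quick-generate-key 'User1 <user1@example.invalid>' || return 1
  gpg_q -o "$work/User1Secret.gpg" --export-secret-keys || return 1
  gpgconf --kill gpg-agent

  # A second, empty keyring: the exported file has to be imported before
  # gpg can do anything with the key.
  export GNUPGHOME="$work/restored"; mkdir -m 700 "$GNUPGHOME" || return 1
  gpg_q --import "$work/User1Secret.gpg" || return 1
  fpr=$(first_fpr); [ -n "$fpr" ] || return 1

  # --gen-revoke takes a key ID, fingerprint or user ID from the keyring,
  # not a file name. The piped answers are: confirm, reason 0 (none given),
  # empty description, confirm.
  printf 'y\n0\n\ny\n' | gpg --no-tty --quiet --command-fd 0 -a \
        -o "$work/User1SecretKeyRevoke.asc" --gen-revoke "$fpr" >&2 || return 1

  # Importing the certificate is what actually marks the key revoked.
  gpg_q --import "$work/User1SecretKeyRevoke.asc" || return 1
  first_validity
  gpgconf --kill gpg-agent
  rm -rf "$work"
)
```

Calling revoke_demo prints the key's validity flag after the certificate has been imported into the keyring.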