-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > When a key is revoked using the revocation certificate, does it have > the same effect as reaching the expiry date of the key? In other words > if I set a key to no expire but generate a revocation certificate, it > is equally safe?
It depends on what you mean by "same effect". You can't encrypt a message to an expired key, precisely because it's expired. You can't encrypt a message to a revoked key, precisely because it's revoked. If by "same effect" you mean "both keys are equally unusable", then yeah. Same effect. If by "same effect" you mean "they work the same way", then no. Different. With one, GnuPG simply sees that the key has expired. You can unexpire the key just by resetting your computer's clock. With the other, GnuPG sees the key has been revoked, and unrevoking it is kind of problematic. - -- Robert J. Hansen <[EMAIL PROTECTED]> "Most people are never thought about after they're gone. 'I wonder where Rob got the plutonium?' is better than most get." -- Phil Munson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) iFYEAREIAAYFAkZtgiwACgkQf2XByo0Cu7PQdgDfYSHgpicOUcseTUVpWEFLp6aS hRaYL23H5181vADeP+aK/WkQFsFq401z3AJLwyIqN2KOn9cfxdnaeokBHAQBAQgA BgUCRm2CLAAKCRC3APSC/q+BCT//B/9QYb9SN30BABc/HZOzr5M702l8KT/Y1i7g 2wmHMWo6tYFO9XOdkbVApDFLHDYzK5UzphajUwkuY2rNk0Lk4/lBW725igOTIbl0 Utc2VvHd3+Ltbzli9Tpj6VjHrsV+gc1vLjF8B60A8kj9zHy88+QOUmZXFEI+r/y/ 721zF2qSf60xXRCkugn1/sttzX2fV6fi5E4S/n62n/VrkbFjUloGF2wmT5VO9dXm bmLkSHU23Z2qWNa0JUcrfc+UYT2kDSIVRO5LkvCAG/v0ViSg7GASEze+AaGrnU/3 WZnUWZumeuFoyHxoptvXALrbWRudXn2TM6hv8Cz1jndjXyILwGFN =nlgN -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
