Actually, this is something I never understood. Why should people create a
revocation certificate and store it in a safe place, instead of backing up the main key?

A "safe place" for a revocation certificate may be vastly different from a "safe place" for a backup of your certificate. For instance, if you're married you may be completely comfortable storing a revocation certificate in a locked desk drawer to which your spouse also has a key, but you may not wish to leave a backup of your certificate there. In the event of divorce proceedings the worst your now-aggrieved spouse can do is revoke your certificate; your spouse won't have access to your private key as well.

And yes, a strong passphrase is still the strongest bar against these backups being misused -- but unless you've got an eye-poppingly strong passphrase, your best bet is to rely on denying attackers access to the data as well as the passphrase.

(I've often told people I'd be happy to post my private key to this mailing list in order to prove my claim that with a strong passphrase you have nothing to fear -- I never said I wouldn't grab 32 bytes from /dev/random, base64 encode them, and use that as a passphrase. That counts as eye-poppingly strong, I think...)


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
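As an added example that is not part of the thread, the following shell script acts out the argument above with GnuPG: one keyring plays the key owner, a second plays the party who holds only the owner's public key plus the revocation certificate (the "spouse with a drawer key"). It shows that the second party can revoke the key but cannot sign as the owner. It assumes gpg 2.1 or later on PATH (it relies on the standalone revocation certificate GnuPG writes to openpgp-revocs.d at key creation), plus sed, awk and mktemp; the user ID is made up, and the key is generated without a passphrase only so the script runs unattended, which is the opposite of what the reply recommends for a real key.

```shell
#!/bin/sh
# Added demonstration, not code from the gnupg-users thread.
# Assumes: gpg >= 2.1, gpgconf, sed, awk, mktemp available.
# Prints two words: the key's validity flag as seen by the other party
# ("r" = revoked) and whether that party could produce a signature.

revocation_demo() {
  work=$(mktemp -d)
  owner="$work/owner"   # hypothetical: the key owner's keyring
  other="$work/other"   # hypothetical: someone holding only the pub key + revocation cert
  mkdir -m 700 "$owner" "$other"

  # Owner creates a key. No passphrase, purely so this runs unattended;
  # a real key should have a strong passphrase as the reply says.
  GNUPGHOME="$owner" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
    --quick-gen-key 'Demo Owner <owner@example.invalid>' default default never \
    2>/dev/null

  # Primary key fingerprint (first "fpr" record in the colon listing).
  fpr=$(GNUPGHOME="$owner" gpg --batch --with-colons --list-keys 2>/dev/null \
        | awk -F: '$1=="fpr"{print $10; exit}')

  # The other party obtains the public key, as anyone could.
  GNUPGHOME="$owner" gpg --batch --export "$fpr" 2>/dev/null \
    | GNUPGHOME="$other" gpg --batch --quiet --import 2>/dev/null

  # ...and the revocation certificate from the "locked drawer". GnuPG
  # writes it to openpgp-revocs.d/<fpr>.rev with the BEGIN line prefixed
  # by ':' to prevent accidental import; strip that prefix before importing.
  sed 's/^://' "$owner/openpgp-revocs.d/$fpr.rev" \
    | GNUPGHOME="$other" gpg --batch --quiet --import 2>/dev/null

  # Validity field of the "pub" record: "r" means the key is now revoked.
  status=$(GNUPGHOME="$other" gpg --batch --with-colons --list-keys "$fpr" 2>/dev/null \
           | awk -F: '$1=="pub"{print $2; exit}')

  # Without the secret key the other party cannot sign as the owner:
  # gpg exits non-zero ("secret key not available").
  if printf 'x' | GNUPGHOME="$other" gpg --batch --quiet --local-user "$fpr" \
       --sign >/dev/null 2>&1; then
    can_sign=yes
  else
    can_sign=no
  fi

  # Stop the per-homedir agents before removing the directories.
  GNUPGHOME="$owner" gpgconf --kill all 2>/dev/null || true
  GNUPGHOME="$other" gpgconf --kill all 2>/dev/null || true
  rm -rf "$work"

  echo "$status $can_sign"
}

revocation_demo
```

The script reports "r no": holding the revocation certificate is enough to mark the key revoked everywhere it is imported (a denial-of-service at worst), but nothing short of the secret key backup lets the holder sign or decrypt as the owner. That asymmetry is why the two artifacts can live under different storage rules.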
