-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 03 May 2004 07:46 am, Alexander Dalloz wrote: > Am Mo, den 03.05.2004 schrieb Charles Howse um 11:22: > > First, I have 2 gpg keys out there...search for my email address on > > http://pgp.mit.edu/ > > > > I've lost the revocation cert for the older key, so I suppose I can't get > > rid of it...? > > I may be corrected, but I think all you need is to remember the > passphrase of the key you want to revoke. See i.e. > > http://www.rediris.es/cert/servicios/keyserver/remove.en.html > http://www.cryptnet.net/fdp/crypto/gpg-party.html#ss3.7 > http://www.nmlug.org/faqs/gen-gpg-key.html Alexander, I have read the above pages carefully, and everything seems to indicate that I must possess the private key in order to create a revocation certificate. Is that the way you read it? I do not have the key, nor a revocation cert. Even though I remember the passphrase, it looks like it won't do any good without the private key. > > Second, what is the accepted way of making it easy for someone reading my > > signed email to import my key from the keyserver? > > Should I post the fingerprint or id in my sig? > > In my opinion that would be helpful. People using GPG/PGP should then be > able to locate your public key on the keyserver and import it to the own > keyring for verification. And of course, the recommended way to publish > your public key is to put in on the keyserver. OK, my public key has been on the keyserver @ mit.edu for some time now, and I have added the ID to my sig. - -- Charles Howse Jackson, TN Registered Linux user # 347576 (http://counter.li.org) GnuPG ID - 1F5130A8 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAl8+x/S+VsB9RMKgRAt1DAJ9T7ZgWZXCwYtHtG8gogvQSSz8BjQCdFcZp wkTATjFjtRAaaNMYA6yEYuU= =s3a0 -----END PGP SIGNATURE-----
