Generate revocation certificates for subkey(s)
Open, NormalPublic
Actions

Assigned To

None

Authored By

	mgorny
	Feb 20 2019, 4:37 PM

Description

As suggested on gnupg-users (https://lists.gnupg.org/pipermail/gnupg-users/2019-February/061620.html), I'd like to request having an option to generate revocation certificate for subkeys (rather than the primary key).

Rationale:

Our use case involves signing key kept on a server for the purpose of
automated signatures. We'd like to keep the secret portion
of the primary key offline and use a dedicated signing subkey
on the server. At the same time, we'd like to be able to quickly revoke
the subkey if need arises without having to reach for the primary key.

Event Timeline

mgorny created this task.Feb 20 2019, 4:37 PM

georg added a subscriber: georg.Feb 20 2019, 5:56 PM

• werner triaged this task as Normal priority.Feb 22 2019, 8:47 AM

• werner added projects: gnupg, OpenPGP.

wiktor-k added a subscriber: wiktor-k.Feb 26 2019, 11:18 AM

matheusmoreira added a subscriber: matheusmoreira.May 9 2019, 8:16 PM

Generate revocation certificates for subkey(s)Open, NormalPublicActions

Description

Event Timeline

Generate revocation certificates for subkey(s)
Open, NormalPublic
Actions