Page MenuHome GnuPG

Kleopatra: Revoke own key
Closed, ResolvedPublic

Description

In Kleopatra we can only generate revocation certificates as a file. There is no way to just revoke your own key. T5858 might work by revoking the self sig but in general we actually would need something like the revoke interface that asks us for a reason etc.

This is related to key rollover. My workaround for this (besides editing and importing the revocation certificate) was to set the expiry date to "tomorrow" (which was the earliest allowed setting)

I realize that this needs new GPGME API and that this means that the effort is larger then it sounds.

Event Timeline

aheinecke triaged this task as Wishlist priority.Feb 24 2022, 11:04 AM
aheinecke created this task.

Do you mean revoking the entire key or a user-id, or a subkey? Having a way to revoke a user-id is probably the most interesting use-case. BTW, there is no "revoke a self-signature" - this is actually a revocation of the user-id or subkey.

Ingo, it would be great if you could work on that. For me the most intresting use case is to fully revoke a key because it has been superseeded.

The reason behind this is that we migrate Gpg4win Users from Non-VS-NfD compliant Gpg4win Versions to keys created by GnuPG VS-Desktop in compliance mode.

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Mar 28 2022, 1:41 PM

"Revoke certificate" is now available in the "Certificates" menu and the context menu in the certificate list. Don't confuse it with the "Revoke certification" entry. ;-) Maybe we should reword "Revoke certification" even if for me it says exactly what it does.

Do you want to have the "Revoke certificate" action available elsewhere? In the Certificate Details dialog? Maybe even in the New Certificate Wizard as additional option after successful generation of a new certificate? (The latter would be more work because it needs a selection of the certificate to revoke.)

ikloecker changed the task status from Open to Testing.Apr 5 2022, 10:50 AM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a subscriber: ikloecker.
aheinecke claimed this task.