GPG keypair wizard not creating a revocation certificate
Thomas Pfeiffer
thomas.pfeiffer at kde.org
Tue Jul 4 17:08:13 BST 2017
Hi KDE PIM team,
I’ve just learned that KMail now offers users who do not have a GPG key to have one created for them.
This as such is a nice idea, but a key element which is missing is the generation of a revocation certificate. Users who know nothing about GPG don’t even know what that is and therefore most likely won’t ever create one.
This could get them into a difficult situation should they ever forget their password or lose their private key.
Having irrevocable keys out there is certainly not what we want.
Therefore, even if users don’t yet know what it’s good for, I’d strongly recommend to automatically generate a revocation certificate and tell them where they can find it and what it is good for.
Best,
Thomas
(P.S.: I’m not on the list anymore, so please CC me if you reply to this)
More information about the kde-pim
mailing list