Functionality to export a revocation certificate

[turion]

This should be easy enough to implement, and it's really useful if I don't want to save the private key on other devices, but the ability to revoke the key if I lose the phone.

(Also, how can I export a private key?)

[alanthehat]

Exporting private key --

/[menu]/[export keys] - there is a checkbox for 'also secret key'

alanthehat commented 9 years ago

+1 on revocation key

viric commented 9 years ago

My experience shows that I forget/lose passwords on rarely used keys, so I need the revocation certificate somewhere. I wish this were implemented.

Exporting the secret key to a file just to generate a revcert with gnupg is a bit annoying; I'd like to avoid exposing the key to the SD disk, and avoid this extra work, of course.

viric commented 9 years ago

Some people use only one key, and often, and thus never forgets the password. But if you try to have separate keys for different situations or contexts, or even just for some tests, I find it easy to forget the password.

There is also the case where the android device may be stolen, and the access to the secret key lost. I know that the key can be exported, but I don't like secret keys spread in files. On the opposite, I'm not afraid of a revcert being stolen by anyone; at most, they will revoke my key. Nothing for me relevant will be compromised.

I know that gnupg says that you should store the revcert in a very secure place and even away from your secret key, but I don't agree with that advice. I always store the revcert next to my secret key storage. If anyone steals the storage (ciphered) of my secret key, I want he to revoke my key, if possible. :)

mezinster commented 8 years ago

+1 nice to have

• © Githubissues.
• Githubissues is a development platform for aggregating issues.

[alanthehat]

+1 on revocation key

[viric]

My experience shows that I forget/lose passwords on rarely used keys, so I need the revocation certificate somewhere. I wish this were implemented.

Exporting the secret key to a file just to generate a revcert with gnupg is a bit annoying; I'd like to avoid exposing the key to the SD disk, and avoid this extra work, of course.

[viric]

Some people use only one key, and often, and thus never forgets the password. But if you try to have separate keys for different situations or contexts, or even just for some tests, I find it easy to forget the password.

There is also the case where the android device may be stolen, and the access to the secret key lost. I know that the key can be exported, but I don't like secret keys spread in files. On the opposite, I'm not afraid of a revcert being stolen by anyone; at most, they will revoke my key. Nothing for me relevant will be compromised.

I know that gnupg says that you should store the revcert in a very secure place and even away from your secret key, but I don't agree with that advice. I always store the revcert next to my secret key storage. If anyone steals the storage (ciphered) of my secret key, I want he to revoke my key, if possible. :)

[mezinster]

+1 nice to have