-----BEGIN PGP SIGNED MESSAGE----- Tim May writes:
If one can safely and securely store a revocation certificate for later use, why not just store the much shorter passphrase?
Well, you're dealing with very different threats in the two cases AFAICS. With your passphrase and private key, someone can forge your signature, read your encrypted incoming mail, etc. With your revocation certificate and private key, about all they can do is revoke your key and force you to create a new one. I certainly find the latter prospect much less alarming -- by far the lesser of two evils. Heck, it's good to update keys periodically, so they might even be doing me a favor of sorts ;) Futplex <futplex@pseudonym.com> -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBMO65WSnaAKQPVHDZAQEIngf+OnXNLpkc4MlE+F0O24lCgso29k0cYRiW jOHKJJfl9ryfaM/WT8eyRLIbWhO7A2qMGSF9nlRUCuhLBgQuX6tmboTwDPW3RPzq jKbZ6LO615w0xPhZpDQO/B963sF0UOcIc0v49k1Ua6biUeEQ/0luYn7nQPD9RVDV pb0qkk201qgVDkXXxPR+hN/HXstI0mc2+HjQjAhHiIOLyiMN3aPwGDH1XmHP5UiE TVw+M9cAqyC863KMg+WEkIGXvdwLJ2or6QQ07i50Zwl905mSFd9+nHVx5HLbkKFa UZvwU46zZXx069MIKHLFY2hX1ZqgR5eGGHUa6bZbMkeIjSl50IzILA== =ssJd -----END PGP SIGNATURE-----