Contents - Keywords - Search || InstantCrypt Home - Previous - Next

Definition

A Revocation Certificate informs the public that the key that is revoked with this certificate is no longer valid and that it should not be used any more when someone want to send you a message. You can, e.g., send such a certificate to key servers (internet servers that make encryption keys available to the public), when you want that people do not use it any more.

A Revocation Certificate can also indicate that signatures made with this key are no longer valid and that the signature of this key should no longer be trusted.

You would revoke your key, e.g., when you lost it, when you think someone illegitimate had got a hold of your secret key ("key is compromised"), or when you chose to use a new key.

Hint

As you need the key to make a revocation certificate, it may be a good idea to make a revocation certificate right after you created that key and before you lose it. However, please guard this certificate well, as you do not want someone unauthorized to publish this certificate when you still want to use the key.

(Click here to go to find out how to make a revocation certificate.)