我的笔记本电脑崩溃,我无法发现包括我的OpenPGP签名密钥在内的文件,我无法再部署到中央Maven存储库。
问题是我可以生成新密钥对并将公钥分发给密钥服务器,如hkp://pool.sks-keyservers.net吗?如何撤销我以前的公钥?
答案 0 :(得分:1)
How to revoke my previous public key?
Never lose access to your private key. If you have not generated a revocation certificate in advance, you cannot even revoke your key. You haven't even got a chance to remove the key from the key server network.
With other words: you can't do anything about the key you lost, unless in some time in future it is possible to brute-force the key (or crack it using other methods).
The question is can I generate an new key pair and distribute the public key to key server like
hkp://pool.sks-keyservers.net?
For a new key, you'll have to start publishing it again of course (using the SKS pool is a good choice and will make sure the key spreads throughout the key server network quickly). With a new key, you'll lose all certifications, of course. You might have to register the key somewhere in the Maven repository again.
At the same time, pre-generate a revocation certificate and put it in some safe place to be sure if some disaster happens again. And make sure to have some reasonable, automated and verified backup before you start doing anything on your computer.