Testing GPG encrypted emails, I understand the reason for Revocation Certificate if you are making one for long time. Beings I'm trying to setup Thunderbird & Enigmail I thought I would start with keys that expires in 1wk. Once I finish testing then generate keys for longer time.
Systems: Manjaro & Ubuntu 18.04; 1wk GPG Keys created with terminal for 2 email accounts; Added my email to Thunderbird and will test to 2nd email acct. Question below.
Why create revocation certificate for key that expires in 1wk. I'm Googled out
Good operation security and manners. I've been using pgp since I first picked it up on an usenet feed some 30 years ago. Just to review, a certificate binds an identity to a key pair. If you lose your private key, or it's been compromised, it's good practice to revoke it immediately before someone else uses it to read your encrypted data or usurp your digital identity. If the revocation key is pre-generated, you don't need access to the private key to generate a revocation key. You can just upload the revocation to a keyserver. IMHO, you should be using subkeys to test with and keep your master key protected and intact. I use subkeys of my pgp key for code signing, another for ssh use, and another for my email signing and encryption.