I have been reading about OpenPGP and I still have one doubt. When you first create a key pair, it generates a public key and a private key. One of the keys is used for signing and certificate [SC], while the other is used for encryption [E]. In some guides, they recommend creating a new subkey just for signing.
I think I understand how signing and encryption work: I cipher a plaintext with someone else's public key and sign it with my private. The receiver can verify I have really sent the cipher by using my public key and can read the content by using his private key.
I don't understand what role the certificate plays here. Can someone enlighten me?
Extra: You can also create a revocation certificate, which I understand is to say to everybody that the public keys are no longer valid, right?
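As an added illustration (not part of the question), the script below parses the machine-readable output of `gpg --list-keys --with-colons` to show which capability letters each key carries: `s` sign data, `c` certify (sign other keys and user IDs, which is what the web of trust relies on), `e` encrypt, `a` authenticate. The listing is a constructed sample with made-up key IDs, not real gpg output.

```python
"""Map the capability field of gpg's colon-separated key listing to names.
Lowercase letters are the record's own capabilities; the uppercase letters
on the pub record are the combined usable capabilities of the whole key."""

CAPABILITY_NAMES = {"s": "sign", "c": "certify", "e": "encrypt", "a": "authenticate"}

# Constructed sample: primary key [SC], encryption subkey [E] and a separately
# added signing subkey [S]. Key IDs and timestamps are invented.
SAMPLE_LISTING = """\
pub:u:3072:1:0123456789ABCDEF:1700000000:::u:::scESC::::::23::0:
uid:u::::1700000000::0000000000000000000000000000000000000000::Alice Example <alice@example.org>::::::::::0:
sub:u:3072:1:FEDCBA9876543210:1700000000::::::e::::::23:
sub:u:3072:1:1122334455667788:1700000000::::::s::::::23:
"""


def parse_keys(listing):
    """Return one dict per pub/sub record: key ID, revocation status (validity
    field 'r'), its own capabilities and, for pub, the combined ones."""
    keys = []
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub"):
            continue
        caps = fields[11]  # field 12 in gpg's 1-based numbering
        keys.append({
            "type": fields[0],
            "keyid": fields[4],
            "revoked": fields[1] == "r",
            "own": {CAPABILITY_NAMES[c] for c in caps if c.islower()},
            "combined": {CAPABILITY_NAMES[c.lower()] for c in caps if c.isupper()},
        })
    return keys


def usage_tag(key):
    """Render a key's own capabilities the way gpg's human listing does ([SC], [E], ...)."""
    order = ("sign", "certify", "encrypt", "authenticate")
    return "[" + "".join(name[0].upper() for name in order if name in key["own"]) + "]"


def certifying_keys(keys):
    """Only a key with 'c' can certify other people's keys; gpg gives that
    capability to the primary key, never to a subkey."""
    return [k["keyid"] for k in keys if "certify" in k["own"]]
```

Run it on your own keyring with `gpg --list-keys --with-colons` piped into `parse_keys` to see which key would be used for certifying versus plain signing.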