revocation signatures

David Shaw dshaw at
Tue Jun 15 21:25:01 CEST 2004

On Tue, Jun 15, 2004 at 03:00:57PM -0400, Atom 'Smasher' wrote:
> On Tue, 15 Jun 2004, David Shaw wrote:
> > Currently, there is no binding between a revocation and a signature.
> > That is, the revocation could refer to any signature issued by that
> > key and dated before the revocation.
> ================
> wait a minute..! does that mean that if bob revokes his signature of 
> alice's key, then mallory could use ~that~ revocation and revoke bob's 
> signature from any key that bob had previously signed key (except for 
> bob's key)?

No, it means that Mallory could use the revocation to revoke any
signature of Bob's on Alice's key that was dated before the
revocation.  In other words, Mallory can't do anything that Bob or
Alice couldn't do.  The revocation hash includes the public key, so it
is not transferable.

> > There is no current way to get the revocation text in a key listing.
> > It is only shown when you try to encrypt to the revoked key.
> ================
> pgpdump.

Sure, or gpg --list-packets.  It's not nice and machine parseable


More information about the Gnupg-devel mailing list