Detection of a revocation certificate prior to import
Patrick Brunschwig
patrick at enigmail.net
Tue Apr 12 08:24:04 CEST 2016
On 12.04.16 04:10, Daniel Kahn Gillmor wrote:
> On Sat 2016-04-02 05:16:42 -0400, Ludwig Hügelschäfer wrote:
>> is it possible to identify a revocation certificate prior to import?
>>
>> - --list-packets does not seem to be very specific.
>>
>> We want to do this in Enigmail prior to import providing a preview.
>
> i don't know of any way to do this in gpg directly :/ I do note that
> GnuPG 2.1 automatically creates the revocation certificates (in
> ~/.gnupg/openpgp-revocs.d) as files named *.rev. But they're stored in
> ascii-armored form, with "-----BEGIN PGP PUBLIC KEY BLOCK-----" headers
Using --list-packets works for me:
a revocation certificate contains a single signature packet with a
specific signature class (0x20 = revocation cert). If it comes alone, it
is a certificate that can be used to revoke a key; if it is part of a
key, the key is revoked.
-Patrick
More information about the Gnupg-devel
mailing list