Allowing import of pubkeys without User ID

Andrew Gallagher andrewg at andrewg.com
Fri Jan 13 12:00:48 CET 2023


On 12 Jan 2023, at 20:11, Werner Koch <wk at gnupg.org> wrote:
> 
> On Thu, 12 Jan 2023 12:24, Andrew Gallagher said:
> 
>> associated personal information to those who do not. Bare revocations
>> may not be sufficent, as these will only be searchable via the primary
>> key fingerprint, whereas keys are often searched for by a subkey
>> fingerprint (e.g. to validate sigs).
> 
> That is not a problem because you need to get the primary key anyway
> before you can use a subkey (because of the subkey binding signature).

True, it’s not a security issue - but it is a usability one. “Key not found” is a temporary error, while “key revoked” is permanent. These are two quite different failure modes, and it would be best to clearly distinguish them.

A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20230113/1aa87b0e/attachment.sig>


More information about the Gnupg-devel mailing list