Allowing import of pubkeys without User ID
Werner Koch
wk at gnupg.org
Fri Jan 13 12:50:05 CET 2023
On Fri, 13 Jan 2023 11:00, Andrew Gallagher said:
> True, it’s not a security issue - but it is a usability one. “Key not
> found” is a temporary error, while “key revoked” is permanent. These
> are two quite different failure modes, and it would be best to clearly
> distinguish them.
Sure. But the point here is on how to retrieve a revocation
certificate. To do this you first need to have access to the key -
without the key there is no need to retrieving a revocation. Without a
key you don't know anything about a signature.
In fact you could store a standalone revocation certificate on the
server and allow accessing it by the included issuer fingerprint. A
dedicated keyserver command to do just this might be useful too.
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20230113/076d139c/attachment.sig>
More information about the Gnupg-devel
mailing list