Allowing import of pubkeys without User ID
wk at gnupg.org
Fri Jan 13 12:50:05 CET 2023
On Fri, 13 Jan 2023 11:00, Andrew Gallagher said:
> True, it’s not a security issue - but it is a usability one. “Key not
> found” is a temporary error, while “key revoked” is permanent. These
> are two quite different failure modes, and it would be best to clearly
> distinguish them.
Sure. But the point here is on how to retrieve a revocation
certificate. To do this you first need to have access to the key -
without the key there is no need to retrieving a revocation. Without a
key you don't know anything about a signature.
In fact you could store a standalone revocation certificate on the
server and allow accessing it by the included issuer fingerprint. A
dedicated keyserver command to do just this might be useful too.
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: not available
More information about the Gnupg-devel