Trust, UIDs, signing & revoking

David Shaw dshaw@jabberwocky.com
Tue Nov 20 23:51:01 2001


--IS0zKkzwUGydFO0o
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 20, 2001 at 02:02:53PM -0800, Len Sassaman wrote:
> On Tue, 20 Nov 2001, David Shaw wrote:
>=20
> > They do not count.  Trust is given in a key+UID, so if the UID is
> > revoked, any trust in that key+UID is effectively revoked as well.
>=20
> Except for OpenPGP implementations that don't understand how revoked UIDs
> work.

Sure, but GnuPG does know how to do revoked UIDs.  Does PGP?  I don't
have a copy handy to check.

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--IS0zKkzwUGydFO0o
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6b (GNU/Linux)

iQEVAwUBO/rd+Iccwqs8s7QVAQHBCQf/cZSbkYjpG2K8ZqhfdLaLnSkw+YF99Y1d
BDfsg1oKsEH7w27cuhEDCnclvKghPUj+bkyZII215egQpsaQjcytXJPm5PJxDB8q
iRBshg5YZjq36uiEeAgbZV+buodksFx7aLL9qpsBTW511oQVUhF8brIjJrG6e5KN
rGSqjABtvmsx2YvU011JSGjSw/CHm5E45wycExb4sLdJQfLTu573ydYBqWbNYMAz
tjRV3XE4KQS+yIHtpH+ELzCyaCCmbTi006xwdxchNKEPGVbkrpLJHyVekW3zPaRW
zQhPCxG4ahMvbTb+LZW7UQ3dloEbRgWKgT5+gGwFgKgwei9hre4E+A==
=QS6D
-----END PGP SIGNATURE-----

--IS0zKkzwUGydFO0o--