Automatic check of key revocation
David Shaw
dshaw@jabberwocky.com
Thu Dec 19 19:04:18 2002
On Thu, Dec 19, 2002 at 05:28:23PM +0100, Erwan David wrote:
> Le Thu 19/12/2002, David Shaw disait
> > On Thu, Dec 19, 2002 at 09:53:54AM +0100, Erwan David wrote:
> > > Is there a way to automatically check if a key was revoked on
> > > the key server ? The company I work for wants to enforce this (for an
> > > internal keyserver with the keys of people in the company). I cannot
> > > find the feature on gnupg.
> >
> > Use 'gpg --refresh <keyid>'. If the key is revoked on the server, the
> > key will then be revoked on your local keyring.
>
> Isn't there a way to make this automatic ? I need to do this on all
> keys from local domain...
Automatic as in "check for a revocation every time a key is used"?
GnuPG can't currently do this, but it's a reasonable wishlist item.
It'll only be really usable for cases like yours where you have your
own keyserver. It'll be brutally slow otherwise.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson