Automatic check of key revocation

David Shaw
Thu Dec 19 19:04:18 2002

On Thu, Dec 19, 2002 at 05:28:23PM +0100, Erwan David wrote:
> Le Thu 19/12/2002, David Shaw disait
> > On Thu, Dec 19, 2002 at 09:53:54AM +0100, Erwan David wrote:
> > > 	Is there a way to automatically check if a key was revoked on
> > > the key server ? The company I work for wants to enforce this (for an
> > > internal keyserver with the keys of people in the company). I cannot
> > > find the feature on gnupg.
> > 
> > Use 'gpg --refresh <keyid>'.  If the key is revoked on the server, the
> > key will then be revoked on your local keyring.
> Isn't there a way to make this automatic ? I need to do this on all
> keys from local domain...

Automatic as in "check for a revocation every time a key is used"?
GnuPG can't currently do this, but it's a reasonable wishlist item.

It'll only be really usable for cases like yours where you have your
own keyserver.  It'll be brutally slow otherwise.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson