key history on keyservers

John Clizbe JPClizbe at comcast.net
Fri Dec 19 13:53:29 CET 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephan Debelle wrote:

> In an attempt to change the comment (which can not be removed) for my
key, I
> did the following:
>
> 1- Removed existing signatures from my key so it would be as it was
> originally
> 2- Added a new address to the key using the adduid command
> 3- Made this address the primary address
> 4- removed the address which included the comments I wanted to removed
>
> Locally I could view the signature on the key and everything looked great
> exactly as it should have been.  I then re-added another address and it
also
> is fine when I look at the key locally on my machine.
>
> Next I uploaded the key to a key server to update the new "version", to my
> surprise the key kept its history.  Now it appears very messy (still
usable)
> as it includes all the changes I made to it.  I am somewhat surprised by
> this behavior as it seem we can remove addresses and signatures from a key
> but the key server appears to keep the history.
>
> Any idea why it is set up this way?

Ummm, it was designed that way. The keyservers are setup to merge/add
information in a key. There is no functionality for removing data. The
only option would be to revoke the old user id (with the old comment), add
a new user id and designate the new id as primary if applicable.

Although GnuPG handles the name, email address and comment as distinct,
the OpenPGP standard treats the concatenated fields as a single item.

- --
John P. Clizbe                   Inet:   JPClizbe(a)comcast DOT nyet
Golden Bear Networks             PGP/GPG KeyID: 0x608D2A10
  "Hyperboloids of wondrous Light / Rolling for aye through Space and Time
Harbour those waves which somehow Might / Play out God's holy pantomime."
         - Alan Turing, shortly before his death in 1954
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
Comment: Annoy John Asscraft -- Use Strong Encyption

iD8DBQE/41czHQSsSmCNKhARAg9CAJ9mI4JAyvwD/gz0DLrE+0lYnbz7KwCfbDIS
J1EiWG6zhu6nj/k6xrqaHps=
=kSbd
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list