Certs by a revoked key

David Shaw dshaw@jabberwocky.com
Fri Feb 21 13:21:02 2003

On Thu, Feb 20, 2003 at 09:01:14PM +0100, Jan Niehusmann wrote:

> For reference,
> http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-06.txt
> says in section
> "If a key has been revoked because of a compromise, all signatures
> created by that key are suspect. However, if it was merely superceded
> or retired, old signatures are still valid. If the revoked signature is
> the self-signature for certifying a user id, a revocation denotes that
> that user name is no longer in use.  Such a revocation SHOULD include
> an 0x20 subpacket."
> This seems to be a clarification of RFC2440, not a real change in the
> protocol. So shouldn't gpg handle revoked keys that way?

No, because unless you are talking about a very special use where the
sender and receiver have rigidly controlled clocks and nobody else can
participate, there is no way to tell whether the "old signatures"
predate the revocation or not.


   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson