Revocation of a user id?
Eugene Smiley
eugene@esmiley.net
Sat Mar 22 01:16:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>> Secondly, what are the implications of this? Does this break my
>>> signature on other peoples keys? And does this mean that other
>>> peoples signatures on that user id can no longer be used by third
>>> people to establish a key chain to my key? (which would implicate
>>> that this user id should simply not be used going forward but
>>> signatures made to it or signatures made by it still remain valid).
>>
>> Trust is chained via user IDs, so if you have multiple user IDs, and a
>> person signed them all, if you revoke one it does not matter from the
>> perspective of that person. If the person only signed one user ID,
>> and you revoke that one, then the chain stops that that point.
>
>So, that means that my signature on other peoples keys automatically
>becomes invalid?
The signatures that you have added to other peoples keys will be valid
unless you revoke your key. Maybe it'll be easier to explain by
looking at your key. This is based on the key that I pulled down from
the key servers.
Your school UID has 23 signatures plus a self-sig.
Your other UID has 6 signatures plus a self-sig.
They share 4 signatures. In other words, 19 people signed UID #1, 2
people signed UID #2 and 4 people signed both.
What David is saying is that if you revoke the school UID, it doesn't
matter to the 4 who have signed both keys or the 2 people who have
signed UID #2.
"If the person only signed one user ID, and you revoke that one, then
the chain stops that that point." Meaning that the signatures from the
19 people that haven't signed UID #2 are no longer valid.
The solution is to have those 19 people sign the new UID. They then
have access to the chain of signatures you are at the beginning of.
Eugene
+--------x---------x---------x---------x---------x---------x---------+
PGP keyID 0xA7EDFD2F
PGP Fingerprint 5B8F E97F 9E56 077A 17A9 3B9A E903 ED02 A7ED FD2F
+--------x---------x---------x---------x---------x---------x---------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - GPGrelay v0.92
Comment: This key is at http://www.biglumber.com/x/web?qs=0xA7EDFD2F.
iD8DBQE+e6t76QPtAqft/S8RAqdyAJ91FFMk1MrkYbgu4md0h0UtiXx7bQCg01HW
A29o9kE4tSsVAuW6dXZQdGY=
=Ockf
-----END PGP SIGNATURE-----