key revocation

Len Sassaman rabbi at abditum.com
Thu May 13 10:45:46 CEST 2004


On Thu, 13 May 2004, Atom 'Smasher' wrote:

> according to my reading of rfc 2440, a key revocation is only valid if
> either:
> 	a) it was generated by the PRIMARY key, or
> 	b) it was generated by a key DESIGNATED by the PRIMARY key
>
> q1 - is that correct?
>
> q2 - are there any (broken?) applications that will accept a revocation
> key generated by a subkey as valid?

PGP versions 5.x through 6.5.7 will accept a revocation generated by *any*
key as valid.






More information about the Gnupg-users mailing list