GnuPG 1.2.4 fetches revoked key
Adrian 'Dagurashibanipal' von Bidder
avbidder at fortytwo.ch
Tue May 18 08:36:17 CEST 2004
On Tuesday 18 May 2004 01.59, Malte Gell wrote:
> Of course, this is a "special case" if someone transforms a key into
> a subkey, nevertheless, GnuPG should not fetch a revoked key until
> told to do so, right? Is this a situation gpg is not aware of, or is
> it the SKS keyserver that shouldn't have sent the revoked key?
You ask the keyserver for a key matching a specific keyid, and the
keyserver sends back all keys with this keyid. Nothing wrong with the
keyserver.
I guess the GnuPG spec does just not intend two keys to have the same
keyid, so behaviour is unspecified at best. And relying on the old key
not being present in the recipients keyring is not really a good idea,
imho.
I guess GnuPG could check if there's an un-revoked key with that id when
checking signatures, but OTOH it may as well decide that it's a weird
special case and just not change its behaviour. Reasonably, in my book.
cheers
-- vbi
--
Today is Pungenday, the 65th day of Discord in the YOLD 3170
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 331 bytes
Desc: signature
Url : /pipermail/attachments/20040518/ac729d23/attachment.bin
More information about the Gnupg-users
mailing list