GnuPG 1.2.4 fetches revoked key

Adrian 'Dagurashibanipal' von Bidder avbidder at
Tue May 18 08:36:17 CEST 2004

On Tuesday 18 May 2004 01.59, Malte Gell wrote:

> Of course, this is a "special case" if someone transforms a key into
> a subkey, nevertheless, GnuPG should not fetch a revoked key until
> told to do so, right? Is this a situation gpg is not aware of, or is
> it the SKS keyserver that shouldn't have sent the revoked key?

You ask the keyserver for a key matching a specific keyid, and the 
keyserver sends back all keys with this keyid. Nothing wrong with the 

I guess the GnuPG spec does just not intend two keys to have the same 
keyid, so behaviour is unspecified at best. And relying on the old key 
not being present in the recipients keyring is not really a good idea, 

I guess GnuPG could check if there's an un-revoked key with that id when 
checking signatures, but OTOH it may as well decide that it's a weird 
special case and just not change its behaviour. Reasonably, in my book.

-- vbi

Today is Pungenday, the 65th day of Discord in the YOLD 3170
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 331 bytes
Desc: signature
Url : /pipermail/attachments/20040518/ac729d23/attachment.bin

More information about the Gnupg-users mailing list