GD doesn't always accept revocations
David Shaw
dshaw at jabberwocky.com
Wed Feb 9 21:07:58 CET 2005
On Wed, Feb 09, 2005 at 03:01:11PM -0500, Jason Harris wrote:
> On Wed, Feb 09, 2005 at 02:53:58PM -0500, David Shaw wrote:
> > On Wed, Feb 09, 2005 at 02:33:19PM -0500, Jason Harris wrote:
>
> > > It seems the GD doesn't always accept revocations for keys it stores:
>
> > > Note that the key is returned from keyserver-beta.pgp.com
> > > _without its revocation_:
> >
> > https://keyserver-beta.pgp.com/vkd/VKDHelpPGPCom.html :
> >
> > Can I post a revoked key to the PGP Global Directory?
> >
> > No. The PGP Global Directory includes many features to prevent it
> > from being filled with unusable keys. One of these features is that
> > the directory does not support revoked keys. Instead of revoking
> > your key, simply remove it from the directory.
> >
> > In short, it's a feature. I'm not sure I completely like that
> > feature, but nevertheless, the GD is operating as intended.
>
> Revoked keys are supposed to be _removed_ from the GD, period.
Supposed to by whose say-so? Period or what? I'll repeat the quote
from the GD:
Can I post a revoked key to the PGP Global Directory?
No. The PGP Global Directory includes many features to prevent it
from being filled with unusable keys. One of these features is that
the directory does not support revoked keys. Instead of revoking
your key, simply remove it from the directory.
They don't do it. They even document their not doing it. You might
suggest it to them as a feature, but they don't do it now.
I'm not saying I think this is optimal behavior, but the documentation
is pretty clear on this point.
David
More information about the Gnupg-users
mailing list