GD doesn't always accept revocations

David Shaw dshaw at
Wed Feb 9 21:32:57 CET 2005

On Wed, Feb 09, 2005 at 03:26:19PM -0500, Jason Harris wrote:
> On Wed, Feb 09, 2005 at 03:01:11PM -0500, Jason Harris wrote:
> > On Wed, Feb 09, 2005 at 02:53:58PM -0500, David Shaw wrote:
> > > In short, it's a feature.  I'm not sure I completely like that
> > > feature, but nevertheless, the GD is operating as intended.
> > 
> > Revoked keys are supposed to be _removed_ from the GD, period.
> [self-reply]
> Correction:  Revoked keys _should be_ _removed_ from the GD, period,
> in keeping with its stated goals.
> Obviously, the keyholder didn't heed the FAQ and has left 0x3EA5F9EF
> on the GD.  Unless this is corrected, ldap://
> will incorrectly serve the unrevoked version of the key for the next
> 6 months.

Yes.  I don't think this is the best design.  I understand the desire
to keep revoked keys off of the GD, but it's not clear what to do in
this case (an unrevoked key on the GD is suddenly revoked).

Drop the key immediately?  Accept the revocation and then drop the key
after some time has gone by?  I rather like the idea of accepting the
revocation, and then immediately causing the key to need to be
reverified by the user (as if their 6 month time on the GD was up).
This way the user knows what happened, and doing nothing causes the
key to fall out of the GD.


More information about the Gnupg-users mailing list