Retaining expired sigs
David Shaw
dshaw at jabberwocky.com
Mon Mar 21 05:36:42 CET 2005

On Sun, Mar 20, 2005 at 11:07:50PM -0500, Jason Harris wrote:

> I really don't think it is worth trying to protect against these
> scenarios. A user can simply remove any non-revocable sigs they
> don't want in their local keyring.

As soon as you posit a user who is going to edit their local keyring,
there is nothing to discuss. Editing the keyring violates the trust
"contract".

I don't think there is anything left to discuss. We've about reached
the stage where I'm saying "10+2!" and you're saying, "Bad example!
It's 6+6!"

> > When importing a non-revoke-sig + revoked sig set, PGP doesn't strip
> > anything, but does ignore the non-revokable sig (it isn't even visible
> > in the GUI).
>
> Gah! PGP 8.1 allows non-revocable sigs to be revoked?!

No. So far as I can tell in a not particularly rigorous 5-minute
test, it ignores the non-revocable sig completely. It's as if the uid
is unsigned. This is a safe way to ignore such a signature. No idea
what PGP 9 does. I haven't played with it yet.

PGP 7, incidentally, did allow non-revocable sigs to be revoked. Nice
to see that was fixed.

David

More information about the Gnupg-users
mailing list