Importing a key that has been revoked by a designated revoker
Dave Evans
devans at hclb.demon.co.uk
Thu Dec 21 17:56:54 CET 2006
If you import a key that has been revoked by a
designated revoker, it seems that it does not show
as revoked unless the public key of the designated
revoker is also on the keyring. I don't know if
this is a bug or a feature.
To demonstrate this:
Generate a key named testkey
Add a designated revoker to testkey.
Use the designated revoker key to generate
a designated revocation certificate.
Import the designated revocation certificate.
Export testkey to a file.
Export the key of the designated revoker to another file.
Change to a clean copy of gpg by setting
the GNUPGHOME variable to point to an empty directory.
Import the file that testkey was exported to.
Observe that list-key does not show testkey as
revoked. You can also encrypt messages to testkey.
Import the public key for the designated revoker.
Observe that list-key now shows testkey as revoked.
This is using Gnupg 1.4.6 for Windows.
More information about the Gnupg-users
mailing list