Importing a key that has been revoked by a designated revoker

Dave Evans devans at hclb.demon.co.uk
Thu Dec 21 17:56:54 CET 2006


If you import a key that has been revoked by a 
designated revoker, it seems that it does not show
as revoked unless the public key of the designated 
revoker is also on the keyring.  I don't know if
this is a bug or a feature.

To demonstrate this:

Generate a key named testkey.

Add a designated revoker to testkey.

Use the designated revoker key to generate
a designated revocation certificate.

Import the designated revocation certificate.

Export testkey to a file.
Export the key of the designated revoker to another file.

Change to a clean copy of gpg by setting
the GNUPGHOME variable to point to an empty directory.

Import the file that testkey was exported to.

Observe that list-key does not show testkey as
revoked. You can also encrypt messages to testkey.

Import the public key for the designated revoker.

Observe that list-key now shows testkey as revoked.


This is using GnuPG 1.4.6 for Windows.
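
A keyring check for the situation described above, as an added example that is not part of the original post: it reads a listing in the layout of `gpg --with-colons --fingerprint --list-keys` and reports keys that name a designated revoker whose public key is absent, so a designated revocation could not be verified. The function names and the sample listing are constructed for illustration, and the `rvk` field positions (fingerprint in field 10) are assumed to match GnuPG's documented colon format.

```python
# Added example: find keys whose designated revoker is missing from the keyring.
TESTKEY, REVOKER, SUBKEY = "A" * 40, "B" * 40, "C" * 40  # constructed fingerprints

# Constructed listing: clean keyring holding only testkey, as in the report.
BEFORE = (
    "pub:u:1024:17:AAAAAAAAAAAAAAAA:2006-12-21:::u:::scESC:\n"
    f"rvk:::17::::::{REVOKER}:80:\n"
    f"fpr:::::::::{TESTKEY}:\n"
    "uid:u::::2006-12-21::::testkey <testkey@example.invalid>:\n"
    "sub:u:2048:16:CCCCCCCCCCCCCCCC:2006-12-21::::::e:\n"
    f"fpr:::::::::{SUBKEY}:\n"
)
# Constructed listing: revoker imported, testkey now listed with validity 'r'.
AFTER = BEFORE.replace("pub:u:", "pub:r:", 1) + (
    "pub:-:1024:17:BBBBBBBBBBBBBBBB:2006-12-20:::-:::scESC:\n"
    f"fpr:::::::::{REVOKER}:\n"
)

def parse_keyring(listing):
    """Return {primary_fpr: {"revoked": bool, "revokers": [fpr, ...]}}."""
    keys, current, want_primary_fpr = {}, None, False
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 2:
            continue  # not a colon record
        rec = f[0]
        if rec == "pub":
            current = {"revoked": f[1] == "r", "revokers": []}
            want_primary_fpr = True
        elif rec == "sub":
            want_primary_fpr = False  # later fpr records belong to subkeys
        elif rec == "rvk" and current is not None and len(f) > 9:
            current["revokers"].append(f[9].upper())
        elif rec == "fpr" and want_primary_fpr and len(f) > 9:
            keys[f[9].upper()] = current
            want_primary_fpr = False
    return keys

def unverifiable_revokers(listing):
    """(key_fpr, revoker_fpr) pairs where the key is not shown revoked and
    the revoker's public key is absent, so its revocation cannot be checked."""
    keys = parse_keyring(listing)
    return [(k, r) for k, info in keys.items() if not info["revoked"]
            for r in info["revokers"] if r not in keys]

if __name__ == "__main__":
    for key, revoker in unverifiable_revokers(BEFORE):
        print(f"{key}: designated revoker {revoker} not on keyring")
```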


