'sensitive' designated revoker -- are the keyservers still aware?

David Shaw dshaw at jabberwocky.com
Thu Feb 1 21:37:25 CET 2007

On Thu, Feb 01, 2007 at 03:21:02PM -0500, vedaal at hush.com wrote:
> David Shaw dshaw at jabberwocky.com wrote on
> Thu Feb 1 21:04:27 CET 2007
> >The idea behind this is that the relationship 
> >between the designated revoker and the key owner is sensitive, 
> > and so we must not reveal the identity designated revoker 
> >until we absolutely must 
> >(i.e. when they actually revoke the key).
> why must the identity be revealed at all,
> if the key-owner who designated the revoker doesn't want it to be?

Any anonymous revoker could not do their job as we wouldn't know
whether to ignore the revocation or not.  For example, say you
designated me as your revoker.  If my identity is kept secret, even
after I issued a revocation, how could someone coming across that
revocation know that they should accept it?


More information about the Gnupg-users mailing list