Deleting a designated revoker

Peter S. May me at
Fri Mar 16 17:29:58 CET 2007

> All that said, yes, GPG has no way to delete designated revoker
> packets.  The only way to do it is export your public key and run
> 'gpgsplit' on it.  Then delete the packet you want to get rid of and
> 'cat' the packets back together.

See below for all the support for revoker removal that you need.

I had to do it. :-)

Question for Werner:  Will there ever be a --with-colons for
--list-packets?  This script might not be friendly to non-English versions.

Good luck

The following script is hereby public domain.

usage:  strip-revokers < public.key > public-stripped.key


umask 077

DIR=`mktemp -d`

gpgsplit -p "$PREFIX" "$@" <&0 &&
for i in $( find "$DIR" -name 'packet-*' ); do
    if [ `echo -n "$i" | grep -cEe '002[.]sig'` != 0 ]; then
        COUNT=`gpg --list-packets "$i" \
            | grep -cEe '^[[:space:]]*hashed subpkt 12 len'`
        if [ $COUNT == 0 ]; then
            echo "Adding `basename "$i"`" >&2
            cat "$i"
            echo "Omitting `basename "$i"`: contains revocation" >&2
        echo "Adding `basename "$i"`" >&2
        cat "$i"
    shred -uz "$i"

rmdir "$DIR"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20070316/0c91aa1f/attachment-0001.pgp 

More information about the Gnupg-users mailing list