supersede key on key-server

Mike Acker Mike_Acker at charter.net
Mon Aug 22 18:44:51 CEST 2011


On 08/22/2011 12:03, Jonathan Ely wrote:
> I was wondering something similar. I have a few keys which I have
> invalidated and disabled but there is no way to delete them. I am using
> this new key which I have not uploaded because if something happens and
> I must re-create the key that will too become just clutter on the server.
>
> On 22/08/2011 10:39 AM, Mike Acker wrote:
>> >  some of us use more than one email address. with GPG it is simple to add
>> >  a secondary ID to a key and this seems to work quite well.
>> >  
>> >  when a change like this is made it is desirable to update the keyserver.
>> >  what happens when you re-upload a key to the keyserver? I hate to think
>> >  the keyserver gets loaded up with old junk keys no one want used anymore...
>> >  

you could upload a revoke certificate. hopefully they keyserver is smart 
enough to discover multiple hits on a given fingerprint as a result of a 
search... it would need to first search for the key by whatever search 
text was provided, and then search for hits on the fingerprint... if 
there is a revoke cert then you want to return that.  if they key was 
superseded by a later update it should provide the last updated copy.

interestingly they keys have a valid from/to date range, but no revision 
date... we may have to just carry out some experiments

--
  /MIKE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110822/89d794d1/attachment-0001.htm>


More information about the Gnupg-users mailing list