Is self-signing necessary? Basic questions.
David Shaw
dshaw at jabberwocky.com
Sun Jan 2 22:07:57 CET 2011
On Jan 2, 2011, at 2:43 PM, Daniel Kahn Gillmor wrote:
> On 01/02/2011 10:01 AM, David Shaw wrote:
>> The only significant use of the direct-key signature is for key owners
>> to add designated revokers to their key. Designated revokers are carried
>> in a subpacket on a direct key signature.
>
> I think a revocation certificate (that is, revoking the primary key, not
> just revoking a given User ID or subkey) is also implemented as a
> direct-key signature.
No, a revocation certificate is its own sort of signature. Unlike a direct key signature where various pieces of meaning are carried as subpackets, a revocation signature carries the revocation meaning inherently. (Signature class 0x1F vs class 0x20).
David
More information about the Gnupg-users
mailing list