Revoke signature from key

Mike Acker Mike_Acker at charter.net
Mon Mar 21 20:02:27 CET 2011


Scenario thus far:

    * Tom Newguy joined my group
    * Tom created a keypair and sent his PUBLIC key to me
    * I have approved his membership in the group
    * I have signed his key and sent his public key with my signature to
      other members of the group
    * now Tom has left the group

Object: to revoke my signature from Tom Newguy's key

In a Simple Case where everyone has Tom's key on their local keyring I
can simply send a memo to everyone specifying that Tom's key should be
deleted.

What if one of the group loaded Tom's key to the server with my
signature attached?

I need to circulate a revoke certificate to the active members of the
group, revoking my signature from Tom's key.

HOWEVER: If I have only Tom's public key on my keyring -- which would be
normal -- the software will not allow me to generate a revoke
certificate -- to revoke my signature from his key.

Group members could easily DELETE Tom's key based on a letter of
Instruction (LoI) -- but his key could easily return from a keyserver --
if a group member had uploaded it...

Alternatively, Group Members could DISABLE Tom's key.  I will have to
test to find out if that would prevent a new download from a keyserver.
*Does anyone have any recommendations for evicting Tom?*

-- 
/MIKE



More information about the Gnupg-users mailing list