Key revocation UI confusion

Ben McGinnes ben at
Sat Oct 15 09:08:29 CEST 2011

On 13/10/11 9:50 AM, Andy Bennett wrote:
> Today someone suggested that they thought I'd revoked my key so I
> looked into it. At first I thought that they were possibly correct:
> some UIs seem to suggest that my key has indeed been
> revoked. However, 'gpg --verify' and Enigmail are happy to verify
> signatures made by my key and both tools are happy to use the key as
> if it were valid.

It looks fine to me:

bash-3.2$ gpg -k 7EBA75FF
pub   1024D/7EBA75FF 2000-10-30
uid                  Andy Bennett <andyjpb at>
uid                  Andy Bennett <andyjpb at>
uid                  Andy Bennett <andyjpb at>
sub   2048g/C65AF469 2008-05-27


This is all anyone (other than you) really needs to pay any attention
to.  The only time they need to edit the key is when signing it,
although maybe to check the available or preferred alorithms.  Even so
that only shows that two old UIDs have been revoked, along with one
old subkey which was clearly replaced by the other subkey.

That said, I can see why people might panic at the sight of the key
revocation message immediately after the pub line instead of reading
it as immediately before the sub line to which it refers.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20111015/43a8c6ac/attachment.pgp>

More information about the Gnupg-users mailing list