invalid gpg key revocation
John Clizbe
JPClizbe at tx.rr.com
Thu Mar 8 03:41:35 CET 2012
Faramir wrote:
> El 06-03-2012 16:58, Peter Lebbing escribió:
> ...
>> The keyservers don't do any validation on revocation certificates;
>> anyone who feels like it can add /invalid/ revocation certificates
>> to your key to annoy you. But as soon as OpenPGP software imports
>> the key from the keyserver, it will simply discard /invalid/
>> revocation certificates as noise.
>
> Ah... I was not aware of that... interesting...
>
This is due to two reasons:
1) It would add considerable processing overhead to the keyserver code
(I speak for SKS)
2) None of us want to do the crypto coding. (See #1)
--
John P. Clizbe Inet: John (a) Gingerbear DAWT net
FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Cowboy Haiku -- Reflections on Rodeo
So many Cowboys. / Round Wrangler butts drive me nuts. / Never enough rope.
More information about the Gnupg-users
mailing list