key revocation reasons in frontends/gnupg
kwadronaut
kwadronaut at aktivix.org
Sun Jan 6 00:39:05 CET 2013
Hi,
I was thinking about and discussing RFC 2440 5.2.3.22, Reason for
Revocation. I'd love to hear opinions on why it would or wouldn't make
sense to have this information easily (or more easily) available with
gnupg or some frontends. I personally find it very convenient to point
people to that packet to say that I, for example, have a new key that
superseded the old one. But maybe you have other opinions? For the sake
of ease, I'll paste the relevant RFC section here:

   (1 octet of revocation code, N octets of reason string)

   This subpacket is used only in key revocation and certification
   revocation signatures. It describes the reason why the key or
   certificate was revoked.

   The first octet contains a machine-readable code that denotes the
   reason for the revocation:

       0x00 - No reason specified (key revocations or cert revocations)
       0x01 - Key is superceded (key revocations)
       0x02 - Key material has been compromised (key revocations)
       0x03 - Key is no longer used (key revocations)
       0x20 - User id information is no longer valid (cert revocations)

   Following the revocation code is a string of octets which gives
   information about the reason for revocation in human-readable form
   (UTF-8). The string may be null, that is, of zero length. The length
   of the subpacket is the length of the reason string plus one.

Ciao,
Kwadronaut
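
The subpacket layout quoted above, as an added example that is not part of the original post and is not GnuPG code: a decoder that walks a signature subpacket area and reports every Reason for Revocation it finds. Subpacket type 29 and the length encoding are assumptions taken from RFC 2440 section 5.2.3.1 rather than from the quoted text; the function names are hypothetical and the sample bytes are constructed.

```python
# Added example, not GnuPG code. Subpacket type 29 and the length encoding
# are taken from RFC 2440 section 5.2.3.1; the reason codes are the list above.
REASON_FOR_REVOCATION = 29
REASONS = {
    0x00: "No reason specified",
    0x01: "Key is superceded",  # spelling as in the RFC
    0x02: "Key material has been compromised",
    0x03: "Key is no longer used",
    0x20: "User id information is no longer valid",
}

def iter_subpackets(area: bytes):
    """Yield (type, critical, body) for each subpacket in a subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:            # one-octet length
            length, i = first, i + 1
        elif first < 255:          # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                      # 0xFF followed by a four-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        # The wire length counts the type octet, so it is never zero.
        if length < 1 or i + length > len(area):
            raise ValueError("subpacket length runs past the area")
        yield area[i] & 0x7F, bool(area[i] & 0x80), area[i + 1:i + length]
        i += length

def revocation_reasons(area: bytes):
    """Return (code, label, text) for every Reason for Revocation subpacket."""
    found = []
    for sp_type, _critical, body in iter_subpackets(area):
        if sp_type != REASON_FOR_REVOCATION:
            continue
        if not body:
            raise ValueError("missing revocation code octet")
        label = REASONS.get(body[0], "unknown code 0x%02x" % body[0])
        # The reason string may be empty; bad UTF-8 is replaced, not fatal.
        found.append((body[0], label, body[1:].decode("utf-8", "replace")))
    return found

# Constructed sample: a zeroed creation-time subpacket, then a reason subpacket.
_TEXT = "Superseded by a new key".encode("utf-8")
SAMPLE_AREA = bytes([5, 2, 0, 0, 0, 0]) + bytes([len(_TEXT) + 2, 29, 0x01]) + _TEXT

if __name__ == "__main__":
    for code, label, text in revocation_reasons(SAMPLE_AREA):
        print("0x%02x %s: %r" % (code, label, text))
```

A frontend showing this to users would want to treat code 0x02 differently from 0x01 and 0x03, since only 0x02 says the key material itself was compromised.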