Revoked keys and past signatures
Hugo Osvaldo Barrera
hugo at barrera.io
Sun Feb 8 20:06:52 CET 2015
I revoked my gpg key yesterday because it was superceded by a newer one.
Now recepients of my messages during the last few years are getting a warning
that the key is invalid - even though it was perfectly valid the date the
messages were signed:
gpg: Signature made 2015-02-05T19:28:21 ART using RSA key ID 1BFBED44
gpg: Good signature from "Hugo Osvaldo Barrera <hugo at barrera.io>" [unknown]
gpg: WARNING: This key has been revoked by its owner!
gpg: This could mean that the signature is forged.
gpg: reason for revocation: Key is superseded
gpg: revocation comment: Superseded by 0x28C61189.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: AA73 5C33 E081 E0D2 C945 5B12 873C F207 1BFB ED44
Did I do something wrong? Isn't the revokation date compared to the signature
date?
Does this mean that if someone revokes their key today, *all past* signatures
become invalid?
--
Hugo Osvaldo Barrera
A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the quoted text?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20150208/4bfe64bc/attachment.sig>
More information about the Gnupg-users
mailing list