A problem in the web of trust model or a gnupg bug?

Ingo Klöcker kloecker at kde.org
Fri Feb 19 19:20:22 CET 2016

On Friday 19 February 2016 15:12:34 Andrea Dari wrote:
> 1) This is the general situation:
> http://pastebin.com/NXuJj2h5
> User one is the user that i fully trust and has a revocation dated on
> 18 February 2016
> 2) Here you can see User one pbkey details:
> http://pastebin.com/g2tQKzPN
> 3) Here you can see that user three is treated with validity = full
> even if it is signed after the revocation of User one key.
> http://pastebin.com/EEGXcNa2
> Fortunately, this is not a real situation, but I tested it to
> understand what happened in this cases; because i wasn't able to find
> any documentation about it.

Did you run "gpg --check-trustdb" after you revoked the key of User one?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160219/af573d3f/attachment.sig>

More information about the Gnupg-users mailing list