On Thu, Feb 28, 2002 at 03:24:26PM -0500, Michael Young wrote:
Another aspect I didn't test is what PGP does when the designated
revoker's key is not available. I suppose it could check for
revocations with a matching "issuer" hint. (Anyone who could tweak
the hint could destroy the revocation just as easily anyway.)
Does it? If there is a match (but no key), what is the validity decision?
If the designated revoker's key is not present, then a key "revoked"
by the designated revoker key is not treated as revoked. GnuPG - as
of this morning - does it the same way.
David Shaw | Technical Lead
<dshaw(_at_)akamai(_dot_)com> | Enterprise Content Delivery
617-250-3028 | Akamai Technologies