[Top] [All Lists]

Re: Revocation key difficulty

2002-02-28 16:43:38

On Thu, Feb 28, 2002 at 03:24:26PM -0500, Michael Young wrote:

Another aspect I didn't test is what PGP does when the designated
revoker's key is not available.  I suppose it could check for
revocations with a matching "issuer" hint.  (Anyone who could tweak
the hint could destroy the revocation just as easily anyway.)
Does it?  If there is a match (but no key), what is the validity decision?

If the designated revoker's key is not present, then a key "revoked"
by the designated revoker key is not treated as revoked.  GnuPG - as
of this morning - does it the same way.


David Shaw          |  Technical Lead
<dshaw(_at_)akamai(_dot_)com>  |  Enterprise Content Delivery
617-250-3028        |  Akamai Technologies