On Wed, Apr 17, 2002 at 06:13:34PM -0700, Jon Callas wrote:
At 8:49 PM -0400 4/17/02, David Shaw wrote:
The first item is that there is no way to revoke a 0x1F signature.
Since the designated revoker information is contained in an 0x1F
signature, this means that once a user designates a designated
revoker, the user cannot later undo the designation if circumstances
change.
I'd like to request a new signature class to indicate a 0x1F
revocation or an expansion of the meaning of one of the existing
revocation signature classes to include 0x1F signatures.
[..]
How do you revoke your key if the revocation can be revoked? If your key is
compromised, the person who has it can do anything they want, including
revoke your revoker. The designated revoker might as well not be there if
it's not irrevocable. Now it's true, we also have an irrevocability
subpacket. But nonetheless, it can't be revocable.
Ah, excellent point. Do you think it is still worth (for
completeness, if not for the specific example of designated revokers)
having a way to revoke a 0x1F signature?
As for designated revokers in GnuPG, I'll do what PGP does and include
a nonrevocable subpacket with the 0x1F signature to remove any
ambiguity.
David
--
David Shaw | dshaw(_at_)jabberwocky(_dot_)com | WWW
http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson