ietf-openpgp

Re: Series of minor questions about OpenPGP 4

2009-01-29 19:15:56
David Shaw wrote:
> It doesn't actually revoke all of them.  A 0x30 revocation on a 0x1F
> signature revokes (potentially) all of them that are a) from the same
> issuer (or from that issuer's designated revoker), and b) timestamped
> earlier than the revocation.  It cannot revoke ones that come after
> it.

Of course. Sorry for the sloppy wording of my email. This is what I meant.

> Even then there is the possibility of confusion of which signature you
> intend to revoke.  In those cases, you can always specify a particular
> signature to revoke using the Signature Target subpacket in the
> revocation.  Arguably, you could even revoke multiple signatures with
> one revocation by using multiple subpackets.
>
> Not, it should be pointed out, that many (any?) implementations
> support Signature Targets yet.  But the semantics are there.

Thank you, this answers my question. Haven't paid attention to Signature
Targets, because I haven't seen a single one in the wild. But they are, indeed,
truly useful and as such worth implementing as soon as OpenPGP gets used for
serious legal purposes. I might do it myself.

-- 
Daniel

Attachment: signature.asc
Description: OpenPGP digital signature
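
The revocation semantics discussed in this message, as an added Python example that is not part of the thread or of any OpenPGP implementation. It assumes the Signature Target body layout of RFC 4880 (public-key algorithm octet, hash algorithm octet, hash); `Sig`, `revoked_by`, `target_body`, the key IDs, timestamps and digests are hypothetical, constructed values, and the `digest` field stands in for the target signature's hash rather than computing it.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sig:                  # hypothetical model, not a real packet parser
    sig_type: int           # 0x1F = direct-key signature, 0x30 = certification revocation
    issuer: str             # issuer key ID (constructed values below)
    created: int            # signature creation time
    digest: bytes = b""     # stand-in for the hash a Signature Target would carry
    pk_algo: int = 1        # 1 = RSA
    hash_algo: int = 8      # 8 = SHA-256
    targets: tuple = ()     # raw Signature Target subpacket bodies (on revocations)

def parse_target(body: bytes):
    """Split a Signature Target body: pk algo (1 octet), hash algo (1 octet), hash."""
    if len(body) < 3:
        raise ValueError("truncated Signature Target subpacket")
    return body[0], body[1], body[2:]

def revoked_by(rev, sigs, revokers=None):
    """Return the 0x1F signatures that the 0x30 revocation `rev` covers.

    revokers maps an issuer key ID to the key IDs of its designated revokers.
    """
    if rev.sig_type != 0x30:
        raise ValueError("not a certification revocation")
    revokers = revokers or {}
    targets = {parse_target(t) for t in rev.targets}
    covered = []
    for s in sigs:
        if s.sig_type != 0x1F:
            continue
        # a) same issuer, or that issuer's designated revoker
        if rev.issuer != s.issuer and rev.issuer not in revokers.get(s.issuer, ()):
            continue
        # b) timestamped earlier than the revocation
        if not s.created < rev.created:
            continue
        # With Signature Target subpackets, only the named signatures are revoked.
        if targets and (s.pk_algo, s.hash_algo, s.digest) not in targets:
            continue
        covered.append(s)
    return covered

def target_body(sig):       # build the subpacket body that names `sig`
    return bytes([sig.pk_algo, sig.hash_algo]) + sig.digest

# Constructed sample data: three direct-key signatures from "A", one from "B".
A1, A2, A3 = (Sig(0x1F, "A", t, bytes([t % 256]) * 32) for t in (100, 200, 400))
B1 = Sig(0x1F, "B", 150, b"\x0b" * 32)
SIGS = [A1, A2, A3, B1]
```

A revocation from "A" at time 300 with no targets covers `A1` and `A2` but never `A3`; adding one Signature Target narrows it to the single named signature.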