Re: [openpgp] OpenPGP private certification

ietf-openpgp

Re: [openpgp] OpenPGP private certification

2015-04-08 05:56:47

On Thu,  2 Apr 2015 18:09, phill(_at_)hallambaker(_dot_)com said:

Since the key servers won't allow me to revoke the cert for the
private key I have no control over, I think that it would be more


They allow that but you need to have a key prepared for this:

 5.2.3.15.  Revocation Key

   (1 octet of class, 1 octet of public-key algorithm ID, 20 octets of
   fingerprint)

   Authorizes the specified key to issue revocation signatures for this
   key.  Class octet must have bit 0x80 set.  If the bit 0x40 is set,
   then this means that the revocation information is sensitive.  Other
   bits are for future expansion to other kinds of authorizations.  This
   is found on a self-signature.

("gpg --edit-key, addrevoker" to set such a key and "gpg --desig-revoke"
 to issue a revocation)


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], (continued) [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Daniel Kahn Gillmor Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Phillip Hallam-Baker Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Daniel Kahn Gillmor Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Phillip Hallam-Baker Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Brian Sniffen Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Phillip Hallam-Baker Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], ianG Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification], Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?], Derek Atkins Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?], Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification, Werner Koch <= Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification, Christoph Anton Mitterer Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification, Christoph Anton Mitterer Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification, Christoph Anton Mitterer Re: [openpgp] OpenPGP private certification, ianG Re: [openpgp] OpenPGP private certification, Werner Koch Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker Re: [openpgp] OpenPGP private certification, Christoph Anton Mitterer

Previous by Date:	Re: [openpgp] ways forward wrt IETF wg - please try answer by Apr 8th, Werner Koch
Next by Date:	[openpgp] MIME micalg aparemter (was: MIME signature impact), Werner Koch
Previous by Thread:	Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?], Phillip Hallam-Baker
Next by Thread:	Re: [openpgp] OpenPGP private certification, Phillip Hallam-Baker
Indexes:	[Date] [Thread] [Top] [All Lists]