[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Revocation key difficulty
On Tue, Mar 05, 2002 at 03:43:54PM -0500, Michael Young wrote:
> David Shaw noted this PGP (and now GnuPG) behavior:
> > If the designated revoker's key is not present, then a key "revoked"
> > by the designated revoker key is not treated as revoked. GnuPG - as
> > of this morning - does it the same way.
> I would argue that silently ignoring a missing revoker is a bad default.
> GnuPG is generally very good about issuing warnings (and offering
> options :-). Would you be willing to do so here (at least when
> a potential revocation is present)?
Good idea. I think a warning during key import if a key has a
potential revocation on it is appropriate.
> I know this doesn't thwart would-be attackers. They can always
> remove the revocation itself. A warning would simply help
> recognize that the key is effectively incomplete, and that the
> revoker should be retrieved. (Or, have you adjusted GnuPG to
> automatically retrieve revokers after retrieving a key from a server?)
It doesn't, but that's a good idea as well (to be optional, of
David Shaw | Technical Lead
<dshaw@xxxxxxxxxx> | Enterprise Content Delivery
617-250-3028 | Akamai Technologies