Dear WG,

I am pretty sure that my interpretation of the standard is correct, but I would like to a) have it confirmed and b) make it known to other implementers.

The Revocable flag as specified by RFC4880, Section 5.2.3.12, when set to 0, only forbids revocation by the issuer, but not by other revokers. In particular, if a revocation key (5.2.3.15) is present in addition to the above flag, it means that the designated revoker is allowed to revoke the certificate, but the issuer is not.

The context is the implementation of IOU notes as self-signatures on PGP public keys, so that the PKS infrastructure can be used for their dissemination (and, thus, for credit reputation tracking). More on this at the upcoming FC2008, in Cozumel. ;-)

--
Daniel
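For implementers, an added example (not part of the original message and not code from any OpenPGP implementation) that walks a hashed-subpacket area and reports the two subpackets discussed above. The function names and the sample bytes are constructed for illustration, and reporting designated revokers independently of the Revocable flag follows the interpretation stated in the message, treated here as an assumption.

```python
# Added example: parse an RFC 4880 hashed-subpacket area and report the
# Revocable flag (type 7) and Revocation Key (type 12) subpackets.
REVOCABLE, REVOCATION_KEY = 7, 12

def parse_subpackets(area: bytes):
    """Yield (type, critical, body) for each subpacket (RFC 4880, 5.2.3.1)."""
    i = 0
    while i < len(area):
        first = area[i]
        hdr = 1 if first < 192 else 2 if first < 255 else 5
        if i + hdr > len(area):
            raise ValueError("truncated subpacket length")
        if hdr == 1:
            length = first
        elif hdr == 2:
            length = ((first - 192) << 8) + area[i + 1] + 192
        else:
            length = int.from_bytes(area[i + 1:i + 5], "big")
        i += hdr
        if length < 1 or i + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F, bool(area[i] & 0x80), area[i + 1:i + length]
        i += length

def revocation_policy(area: bytes) -> dict:
    issuer_may_revoke = True  # 5.2.3.12: no Revocable subpacket means revocable
    revokers = []
    for typ, _critical, body in parse_subpackets(area):
        if typ == REVOCABLE:
            if len(body) != 1:
                raise ValueError("Revocable body must be one octet")
            issuer_may_revoke = body[0] != 0
        elif typ == REVOCATION_KEY:
            # 5.2.3.15: class octet (0x80 must be set), algorithm, 20-octet fingerprint
            if len(body) != 22 or not body[0] & 0x80:
                raise ValueError("malformed Revocation Key subpacket")
            revokers.append({"sensitive": bool(body[0] & 0x40),
                             "algorithm": body[1],
                             "fingerprint": body[2:].hex().upper()})
    # Listing revokers separately follows the reading in the message above:
    # Revocable=0 binds the issuer only (the message's interpretation, assumed here).
    return {"issuer_may_revoke": issuer_may_revoke, "designated_revokers": revokers}

# Constructed sample: Revocable=0 plus one revoker (DSA, made-up fingerprint).
SAMPLE = (bytes([0x02, 0x07, 0x00]) +
          bytes([0x17, 0x0C, 0x80, 17]) + bytes(range(1, 21)))

if __name__ == "__main__":
    print(revocation_policy(SAMPLE))
```
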