On Mon, 05 Mar 2012 13:40:09 -0500, David Shaw wrote: > You can examine the revocation certificate with: > > gpg --export (your key id) | gpg --list-packets > The piece you are interested in will look like this. It's usually the > second packet in an exported key: > > :signature packet: algo 1, keyid 7296AD3DA736CEC5 > version 4, created 1330970459, md5len 0, sigclass 0x20 digest algo 2, > begin of digest 74 51 > hashed subpkt 2 len 4 (sig created 2012-03-05) hashed subpkt 29 len 10 > (revocation reason 0x01 (foobar)) subpkt 16 len 8 (issuer key ID > 7296AD3DA736CEC5) data: [2047 bits] > > Note the sigclass is "0x20", which is the revocation class. The keyid > would be that of your key (or it's a revocation for someone else, and is > not relevant to your key). "Created" is the epoch timestamp of when the > revocation was supposedly generated, echoed in "sig created". The > "revocation reason" is the reason given when generating the revocation: > > 0 == no reason given > 1 == revoked because the key was compromised 2 == revoked because the > key was superseded by another key 3 == revoked because the key is no > longer used > > The string in parenthesis is a human readable note given by the revoker.
I noticed that some tools (i.e. Enigmail) don't give you the option to specify a revocation reason. I haven't uploaded my revoked key as of yet, so how should I edit it to specify a reason? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
