On Tue 10.02.2015, 13:01:17, Daniel Kahn Gillmor wrote:

> > I can even sit down with the owner of
> > the key and verify his ID and fingerprint and sign it, meaning
> > "this key belongs to this person, but was superseded a week ago".
> > It actually influences the validity of anything he signed up to a
> > week ago.

I support this attitude.

> your certifications (whether local or exportable) themselves have a
> timestamp in them. It would be silly to certify a key and its user ID
> after it was revoked by the owner; you'd be claiming "i believe that
> right now this is the correct key", which is not the case.

And who says that this is the statement? The RfC? I think that faking cannot be a good idea in a crypto context. What if the signing key was created after the revocation? What would that look like? It must be possible for people who have only newer keys to make a "the owner of this key is X" statement.

> I understand the semantics of what you're trying to do, but i'm not
> sure that OpenPGP has syntax to represent it.

I don't see any problem with the syntax. The problem is the lack of semantic definition. The next OpenPGP version should address that at any rate.

Hauke
--
Crypto for all: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users