On Thu, 25 Feb 2016 00:45, d...@fifthhorseman.net said: > according to https://tools.ietf.org/html/rfc4880#section-5.2.3.23 : > > If a key has been revoked because of a compromise, all signatures > created by that key are suspect. However, if it was merely > superseded or retired, old signatures are still valid. If the
If the key has been compromised and the attacker assumes that the legitimate owner of the key is aware of that, the attacker may issue a revocation certificate with "superceded" reason and and claim that a later arriving "compromised" revocation has been done accidentally. Thus I am not convinced that the revocation reasons are useful for any automated evaluation. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
