My question is simple (kind of): In what situations would you revoke a certificate that you have made on someone else's key? (Technically: --edit-key + revsig.)
Background concepts: When we sign a key (--edit-key + sign) we certify a particular user id, the link between the user id and person (or sometimes group) identity. Something like that. It's difficult to put this concrete enough but abstract enough to cover all cases but you know what I mean. But what would you say about conceptual meaning of revoking such certificate (--edit-key + revsig)? Maybe the link between the key or a particular user id and the actual person or group identity has been cut: person lost his secret key or just password and can't control the key anymore. So maybe by revsig a person gives a signal that he knows the link has been broken and tell people to not rely on his certificate anymore. Am I right? -- /// Teemu Likonen - .-.. <https://keybase.io/tlikonen> // // PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
