On 31/10/17 01:08, Lachlan Gunn wrote: > I'm not sure that this is 100% correct. The first part is true, but > signatures > of a key that has been revoked because it was superseded or lost are valid up > to > the revocation date, whereas ROCA-affected keys are compromised to some degree > and so all signatures are suspect; the revocation status should, ideally, > reflect this.
Oh, I was talking about a ROCA-affected *subkey* but a clean primary key, where the subkey was already revoked by the primary key. I think you are talking about a ROCA-affected primary key. A ROCA-affected primary key should be revoked as *compromised*, replaced and not used in any capacity. And yes, the subkey should also be revoked with reason "compromised", for the reason you state. To clarify, do you agree if I reword the paragraph you contest as: But, I agree that the reverse is not true: a compromised subkey does not compromise the primary key in any way I can think of. And systems checking for ROCA should not reject a certificate because there is something wrong with an already revoked subkey. The only change is in the last word :-). HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
