This is not a mere UI issue. Basic verification is currently broke^Wdifferent, too, or the latest incident wouldn't have happened.
Hmm. I wonder... Ludo', are you worried that, since we already handle revocations like GPG would, the 'proper' OpenPGPmodel could somehow break? That we are in effect unable to safely fix this (yes, I maintain it is a) bug? Apologies if I'm wildly off the mark here. But then I'd like to hear some plausible threat models. Maxime? In their absence, nasty surprises like what happened last week are argument enough to (try to! :-) implement normal OpenPGP behaviour. Kind regards, T G-R Sent on the go. Excuse above-average rambliness.
