On Thu, Dec 21, 2006 at 04:56:54PM +0000, Dave Evans wrote: > If you import a key that has been revoked by a > designated revoker, it seems that it does not show > as revoked unless the public key of the designated > revoker is also on the keyring. I don't know if > this is a bug or a feature.
This is neither a bug or a feature, but a natural result in how designated revokers work. Designated revokers do their job by issuing a signature onto the key they want to revoke. Naturally, if the designated revoker's key isn't on the keyring, we have no way to verify the signature. If we can't verify the signature, we can't know if it's real or a forgery. Keys in this state are treated specially: neither revoked or not revoked, but with a question attached. If you verify a signature from such a key, you'll see: gpg: WARNING: this key might be revoked (revocation key not present) It might be a good idea to display a similar warning on encryption to such a key, but we don't do that right now. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
