On 13/10/11 9:50 AM, Andy Bennett wrote: > > Today someone suggested that they thought I'd revoked my key so I > looked into it. At first I thought that they were possibly correct: > some UIs seem to suggest that my key has indeed been > revoked. However, 'gpg --verify' and Enigmail are happy to verify > signatures made by my key and both tools are happy to use the key as > if it were valid.
It looks fine to me: bash-3.2$ gpg -k 7EBA75FF pub 1024D/7EBA75FF 2000-10-30 uid Andy Bennett <[email protected]> uid Andy Bennett <[email protected]> uid Andy Bennett <[email protected]> sub 2048g/C65AF469 2008-05-27 bash-3.2$ This is all anyone (other than you) really needs to pay any attention to. The only time they need to edit the key is when signing it, although maybe to check the available or preferred alorithms. Even so that only shows that two old UIDs have been revoked, along with one old subkey which was clearly replaced by the other subkey. That said, I can see why people might panic at the sight of the key revocation message immediately after the pub line instead of reading it as immediately before the sub line to which it refers. Regards, Ben
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
