Hi,
is there a way to make a designated revoker on a key sensitive after it
is already added as normal designated revoker? I have a key with a
designated revoker that is incompatible with opengpgjs (because they
ignore the standard, afaict). If the designated revoker was marked
sensitive
Hello,
I have a Japanese localization issue to report.
Currently, Japanese localization for designated revoker says the following
この鍵は、DSA鍵 f...@example.comによって失効されたようです
Which reads
This key has been revoked by DSA key f...@example.com
While in English version it says:
This key
On Fri, 16 Mar 2007 17:29, [EMAIL PROTECTED] said:
Question for Werner: Will there ever be a --with-colons for
--list-packets? This script might not be friendly to non-English versions.
No there wil be no such option. The OpenPGP message is already
machine readable ;-)
LC_ALL=C; export
All that said, yes, GPG has no way to delete designated revoker
packets. The only way to do it is export your public key and run
'gpgsplit' on it. Then delete the packet you want to get rid of and
'cat' the packets back together.
See below for all the support for revoker removal that you
In PGP desktop 9.5, I can delete a designated revoker from my keyring.
Having used GnuPG pretty much exclusively, I was under the impression
this was impossible. It wouldn't be an issue, but having torn my hair
out for several days over why CACert's OpenPGP signature system wouldn't
sign my key
if i've added a designated revoker to a key, WITH the 'sensitive' flag.
am i correct that:
(1) the 'sensitive' flag prevents the *export* of the add'l/designated
revoker's key
(2) the keyservers still learn/know that there IS a designated
revoker, AND its KeyID/UID
?
thanks
On Thu, Feb 01, 2007 at 11:23:58AM -0800, snowcrash+gnupg-users wrote:
if i've added a designated revoker to a key, WITH the 'sensitive' flag.
am i correct that:
(1) the 'sensitive' flag prevents the *export* of the add'l/designated
revoker's key
(2) the keyservers still learn/know
David Shaw dshaw at jabberwocky.com wrote on
Thu Feb 1 21:04:27 CET 2007
The idea behind this is that the relationship
between the designated revoker and the key owner is sensitive,
and so we must not reveal the identity designated revoker
until we absolutely must
(i.e. when they actually
When exporting a key that has a sensitive designated
revoker set, the key is exported, but the designated revoker
information is not included. Anyone looking at the key from the
outside cannot tell the difference between this state, and no
designated revoker set at all. However
On Thu, Feb 01, 2007 at 03:21:02PM -0500, [EMAIL PROTECTED] wrote:
David Shaw dshaw at jabberwocky.com wrote on
Thu Feb 1 21:04:27 CET 2007
The idea behind this is that the relationship
between the designated revoker and the key owner is sensitive,
and so we must not reveal the identity
revoker,
even if his key is revoked. the solution is for bob to generate a
revocation certificate, encrypt it to alice, and send it to alice with
instructions about if/when to publish it. this basically serves the same
purpose, but doesn't necessarily reveal that alice was the designated
revoker
If you import a key that has been revoked by a
designated revoker, it seems that it does not show
as revoked unless the public key of the designated
revoker is also on the keyring. I don't know if
this is a bug or a feature.
To demonstrate this:
Generate a key named testkey
Add a designated
On Thu, Dec 21, 2006 at 04:56:54PM +, Dave Evans wrote:
If you import a key that has been revoked by a
designated revoker, it seems that it does not show
as revoked unless the public key of the designated
revoker is also on the keyring. I don't know if
this is a bug or a feature
On Sun, Mar 20, 2005 at 12:03:37PM +0100, David Lorch wrote:
Hi all,
GPG provides an option to add a designated revoker to a key.
Having designated my primary key as revoker for a smart card key, I
would like to know how I can actually revoke the latter should I lose
its secret key
14 matches
Mail list logo
