Always revoke subkeys with a revocation signature.

Browse Source

Unlike UID revocations which are "reversible" by newer UID
self-signatures, a subkey revocation should be "permanent" even if
followed by a newer self-signature.

The RFC is ambiguous on this, but this is the convention used by (e.g.)
GnuPG. The rationale for this behaviour is available as comments within
the GnuPG source.

UID signatures:
50c98c7ed6/g10/getkey.c (L1668-L1674)
Subkey signatures:
50c98c7ed6/g10/getkey.c (L1990-L1997)

...

This commit is contained in:

KB Sriram

2016-01-15 15:28:40 -08:00

parent efbe9ac363

commit 36bffc3ef5

4 changed files with 311 additions and 12 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

1

OpenKeychain/src/test/resources/openpgp-interop Submodule

Submodule OpenKeychain/src/test/resources/openpgp-interop added at 1cf03918f0