Allowing import of pubkeys without User ID
Andrew Gallagher
andrewg at andrewg.com
Fri Jan 13 12:00:48 CET 2023
On 12 Jan 2023, at 20:11, Werner Koch <wk at gnupg.org> wrote:
>
> On Thu, 12 Jan 2023 12:24, Andrew Gallagher said:
>
>> associated personal information to those who do not. Bare revocations
>> may not be sufficent, as these will only be searchable via the primary
>> key fingerprint, whereas keys are often searched for by a subkey
>> fingerprint (e.g. to validate sigs).
>
> That is not a problem because you need to get the primary key anyway
> before you can use a subkey (because of the subkey binding signature).
True, it’s not a security issue - but it is a usability one. “Key not found” is a temporary error, while “key revoked” is permanent. These are two quite different failure modes, and it would be best to clearly distinguish them.
A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20230113/1aa87b0e/attachment.sig>
More information about the Gnupg-devel
mailing list