Revoking Old Keys... my problem

Jerry Windrel jerry.windrel at verizon.net
Fri Apr 30 18:14:44 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>Why would GnuPG allow a forged key to be imported? It must break the
>self-sig on the key or it could be used to add a false UID to a
>genuine key!

I think it would be imported as a new UID that is not signed.

Rather than speculate, why doesn't the person affected by the
situation try what I've suggested (perhaps waiting a few days first
to see if any others in the group have improvements,
contraindications, etc.) and we can all see what happens?

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3 - not licensed for commercial use: www.pgp.com

iQA/AwUBQJJ7YYlVuABWWiqVEQIQIACg+MNiCPDd4B8h6iUGHt0Pq4uAz1YAoJkU
K95mvQShTfL+0eJCN4FbphLV
=L/W6
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list