GPG Key Photo Removal

David Shaw dshaw at jabberwocky.com
Sat Jan 31 20:40:28 CET 2004


On Sun, Feb 01, 2004 at 12:47:42AM +0000, Neil Williams wrote:

> You can also delete a uid but that won't remove the evidence from
> keyservers.  As you've already sent your key to keyservers that have
> problems with photo UID's you will continue to get mild error
> reports with your key in the future. GnuPG will construct a valid
> key and it's not a huge problem.

This is not true.  The mild error reports are due to a different sort
of keyserver corruption (subkeys).  There aren't many keyserver issues
with photo IDs - basically, it either works correctly, or it rejects
the key completely.  No gray area like subkeys.

> The OpenPGP specification does not support user ID revocation, but a
> user ID can effectively be revoked by revoking the self-signature on
> the user ID. For the security reasons described previously,
> correspondents will not trust a user ID with no valid
> self-signature.

That is out of date.  The updated specification supports user ID
revocation.  In GnuPG, use --edit-key and then "revuid" (the old
method of revoking the self-sig works as well).

David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 330 bytes
Desc: not available
Url : /pipermail/attachments/20040131/21231b09/attachment.bin


More information about the Gnupg-users mailing list