View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000318 | Main CAcert Website | GPG/PGP | public | 2006-08-26 12:00 | 2012-12-20 08:31 |
| Reporter | Sourcerer | Assigned To | Sourcerer | ||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | needs work | Resolution | open | ||
| Summary | 0000318: OpenPGP CRL | ||||
| Description | Hmmm, we could issue a CRL. Just add all the revocation keys and our revocation sigs in one huge file. So everyone can just load the CRL file from CAcert, and import that CRL file manually, if they want to. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
|
|
This means to publish a list of all keys including there uids with revoked sigs. I think this may result in privacy probs. I think it will be better to upload all revokes to one or a group of keyservers named at the website so everbody can download the revokes for the keys he uses (for example with: gpg --refresh-keys). A nice side efect will be that even if someone not useing this offer he likely would get the revokes because of the syncing between the keyservers when he download new version (refreshing) of the keys in his keyring. |
|
|
I agree with publishing to a key server, although for the most part this relates back to the escrow of revoke keys... |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2006-08-26 12:00 | Sourcerer | New Issue | |
| 2006-10-27 06:43 | ph3 | Note Added: 0000695 | |
| 2006-11-27 13:14 | duane | Status | new => needs work |
| 2006-11-27 13:14 | duane | Assigned To | => Sourcerer |
| 2006-11-27 13:15 | duane | Note Added: 0000728 | |
| 2012-12-02 16:38 | INOPIAE | Relationship added | related to 0001119 |
| 2012-12-20 07:28 | Werner Dworak | Relationship added | related to 0000089 |
| 2012-12-20 08:31 | Werner Dworak | Relationship added | related to 0001079 |
