View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000721 | Main CAcert Website | GPG/PGP | public | 2009-04-21 17:45 | 2012-12-20 07:50 |
Reporter | ph3 | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | always |
Status | new | Resolution | open | ||
Platform | Main CAcert Website | OS Version | stable | ||
Summary | 0000721: No way to revoke sigs on a OpenPGP key | ||||
Description | There is no way to revoke the sig on a OpenPGP like revoking the X.509 client and server certs. This may be useful only in a few situations but including the common case if a lost private key and no revoker cert can be found: The owner of the key could at least revoke some 'trust' from the old key. | ||||
Steps To Reproduce | Visit the view GPG/PGP Keys page. | ||||
Additional Information | How a good revoking of the sig could be done: add a link to a revoking page. On the page the user gets ask how to revoke: 1) generate a revoke cert and print it out to the user so the user can import it and public it. 2) send it to a keyserver selected by CAcert (a list of servers for redundancy) 3) send it to the preferred keyserver (the keyserver given marked as preferred in the key) 4) send it to a keyserver the user can enter. What to do *should* be a multiple choice menu because normally it makes much sens to send it to the preferred keyserver and a list of serveres maintained by CAcert or a additional keyserver entered by the user... | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2009-04-21 17:45 | ph3 | New Issue | |
2012-12-15 07:27 | INOPIAE | Relationship added | has duplicate 0001079 |
2012-12-20 07:50 | Werner Dworak | Relationship added | related to 0000089 |