View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000721||Main CAcert Website||GPG/PGP||public||2009-04-21 17:45||2012-12-20 07:50|
|Platform||Main CAcert Website||OS Version||stable|
|Summary||0000721: No way to revoke sigs on a OpenPGP key|
|Description||There is no way to revoke the sig on a OpenPGP like revoking the X.509 client and server certs.|
This may be useful only in a few situations but including the common case if a lost private key and no revoker cert can be found: The owner of the key could at least revoke some 'trust' from the old key.
|Steps To Reproduce||Visit the view GPG/PGP Keys page.|
|Additional Information||How a good revoking of the sig could be done:|
add a link to a revoking page.
On the page the user gets ask how to revoke:
1) generate a revoke cert and print it out to the user so the user can import it and public it.
2) send it to a keyserver selected by CAcert (a list of servers for redundancy)
3) send it to the preferred keyserver (the keyserver given marked as preferred in the key)
4) send it to a keyserver the user can enter.
What to do *should* be a multiple choice menu because normally it makes much sens to send it to the preferred keyserver and a list of serveres maintained by CAcert or a additional keyserver entered by the user...
|Tags||No tags attached.|