View Issue Details

IDProjectCategoryView StatusLast Update
0000075Main CAcert WebsiteGPG/PGPpublic2013-01-13 15:20
Reporterevaldo Assigned ToSourcerer  
Status closedResolutionwon't fix 
Fixed in Version2005 
Summary0000075: GPG Signature revocation system needed
DescriptionWe need to be able to issue GPG signature revocations.

Many users seem to lose their GPG keys too often, and normally they don't have GPG key revocation certificates stored (they should have, but they don't normally do), or one might have his GPG key storage device compromised and abused, without access to a copy of his key or a revocation certificate.

Revoking the signature would help break the trust on a compromised or lost key, or at least, removing our share of trust from that key.
TagsNo tags attached.
Reviewed by
Test Instructions


related to 0000013 needs workSourcerer Proof of Possession 
related to 0000089 needs workSourcerer GPG Revokation Escrow Service 
related to 0001079 needs work GPG key can not be revoked 



2005-11-22 21:06

developer   ~0000030

There is limited value in being able to revoke GPG signatures. People need to revoke their keys instead, which is something we can't do within the current GPG framework.


2005-11-22 23:17

developer   ~0000035

Might be worth investing in a revokation escrow service, as this is a function already performed with our x.509 services.

Issue History

Date Modified Username Field Change
2005-10-21 13:23 evaldo New Issue
2005-11-22 21:06 duane Status new => closed
2005-11-22 21:06 duane Note Added: 0000030
2005-11-22 21:06 duane Resolution open => won't fix
2005-11-22 23:17 duane Note Added: 0000035
2005-11-22 23:17 duane Assigned To => Sourcerer
2005-11-22 23:17 duane Status closed => @30@
2005-11-22 23:22 duane Relationship added related to 0000013
2005-11-22 23:28 duane Status @30@ => closed
2005-11-22 23:29 duane Relationship added related to 0000089
2012-12-20 08:37 Werner Dworak Relationship added related to 0001079
2013-01-13 15:20 Werner Dworak Fixed in Version => 2005