diff options
author | KB Sriram <kbsriram@google.com> | 2016-01-15 15:28:40 -0800 |
---|---|---|
committer | KB Sriram <kbsriram@google.com> | 2016-01-15 15:28:40 -0800 |
commit | 36bffc3ef5363d51ec3fc49e6b74b593a712b80e (patch) | |
tree | 0df7aac040d3b9eb2887ab765d988723cf865c95 /OpenKeychain/src/main/java/org/spongycastle/openpgp | |
parent | efbe9ac363132d3280f544d8377978286b828c79 (diff) | |
download | open-keychain-36bffc3ef5363d51ec3fc49e6b74b593a712b80e.tar.gz open-keychain-36bffc3ef5363d51ec3fc49e6b74b593a712b80e.tar.bz2 open-keychain-36bffc3ef5363d51ec3fc49e6b74b593a712b80e.zip |
Always revoke subkeys with a revocation signature.
Unlike UID revocations which are "reversible" by newer UID
self-signatures, a subkey revocation should be "permanent" even if
followed by a newer self-signature.
The RFC is ambiguous on this, but this is the convention used by (e.g.)
GnuPG. The rationale for this behaviour is available as comments within
the GnuPG source.
UID signatures:
https://github.com/mtigas/gnupg/blob/50c98c7ed6b542857ee2f902eca36cda37407737/g10/getkey.c#L1668-L1674
Subkey signatures:
https://github.com/mtigas/gnupg/blob/50c98c7ed6b542857ee2f902eca36cda37407737/g10/getkey.c#L1990-L1997
Diffstat (limited to 'OpenKeychain/src/main/java/org/spongycastle/openpgp')
0 files changed, 0 insertions, 0 deletions