Page MenuHome GnuPG
Create Task
Maniphest T2960

--quick-revoke-uid can be used to revoke last uid, contrary to docs
Closed, ResolvedPublic
Actions

Description

The documentation says:

"""
This command revokes a User ID on an existing key. It cannot be used
to revoke the last User ID on key (some non-revoked User ID must
remain), with revocation reason ``User ID is no longer valid''. If
you want to specify a different revocation reason, or to supply
supplementary revocation text, you should use the interactive
sub-command @code{revuid} of @option{--edit-key}.
"""

Which is a bit fuzzy. It can be read as "it is ok to revoke the last uid with a
differen reason", but that is weird, because there is no way to specify the
reason using this command.

I hereby note that

  1. It is possible to revoke the last uid with --quick-revoke-uid.
  2. It is possible to revoke the last uid with --edit-key, with the reason "User

ID is no longer valid".

Details

Version
master

Related Objects

Event Timeline

justus set Version to master.Feb 16 2017, 5:26 PM
justus added projects: gnupg (gpg22), gnupg, Bug Report.
justus added a subscriber: justus.
justus added a comment.Mar 2 2017, 2:05 PM

I read the code and documentation for key-edit's revuid, and --quick-revoke-uid,
and the code makes no effort to ensure that one valid UID remains.

I read rfc4880 trying to find the basis for "some non-revoked User ID must
remain", but the only justification I could find is in section 11.1.,
Transferable Public Keys, that states that at least one UID must be included if
one wants to transfer keys.

So, do we actually want to enforce that or fix the documentation?

werner added a subscriber: werner.Mar 2 2017, 5:00 PM

I think it is easier to enforce this than to handle bug reports due to
export/import and whatever problems.

justus closed this task as Resolved.Mar 7 2017, 1:56 PM
justus claimed this task.

Fixed in 591b6a9d879cbcabb089d89a26d3c3e0306054e1.

Saklad5 mentioned this in T6051: Allow revoking last UID of primary key with expert mode.Jul 3 2022, 4:02 AM