
key revocations with no reason given should be treated as compromised
Closed, Resolved · Public

Description

This is a request for a policy change.

RFC 4880 (section 5.2.3.23) states that:

If a key has been revoked because of a compromise, all signatures
created by that key are suspect. However, if it was merely
superseded or retired, old signatures are still valid.

The RFC does not specify what to do with a revocation with a reason that is
unspecified.

gpg seems to treat a revocation for an unspecified reason the same way that it
treats a revocation for the reason of being superseded (in other words, past
signatures are still valid).

However, there are compelling arguments for treating a revocation for an
unspecified reason in the most conservative way possible.

  • when in doubt it is safer to give a false negative than a false positive.
  • people may be hesitant to publicly admit that their key has been compromised.
  • revoking a key gives the impression that the key will no longer be valid - period. The ability to enable past signatures to continue to be valid is a feature that should require an extra step by the user to specify.
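To make the policy question concrete, here is an added example (my own illustration, not GnuPG code) that parses the RFC 4880 "Reason for Revocation" signature subpacket (type 29, section 5.2.3.23) and evaluates, for each revocation reason code, whether signatures made before the revocation stay valid under the two policies discussed here: the behaviour the ticket attributes to gpg (an unspecified reason is treated like "superseded") and the conservative one the ticket proposes (an unspecified reason is treated like a compromise). The function names, the `build_reason_subpacket` encoder, the sample subpackets and the handling of unknown reason codes are assumptions of this example.

```python
"""Added example, not GnuPG code: parse an RFC 4880 Reason for Revocation
subpacket and compare two policies for signatures predating the revocation."""
from dataclasses import dataclass

REASON_FOR_REVOCATION = 29  # signature subpacket type, RFC 4880 5.2.3.1

# Reason codes from RFC 4880 section 5.2.3.23
NO_REASON, SUPERSEDED, COMPROMISED, RETIRED, UID_INVALID = 0, 1, 2, 3, 32

REASON_NAMES = {
    NO_REASON: "no reason specified",
    SUPERSEDED: "key is superseded",
    COMPROMISED: "key material has been compromised",
    RETIRED: "key is retired and no longer used",
    UID_INVALID: "user ID information is no longer valid",
}


@dataclass
class RevocationReason:
    code: int
    text: str  # human-readable explanation, UTF-8, may be empty


def parse_subpacket_length(data: bytes, offset: int):
    """New-style subpacket length (RFC 4880 5.2.3.1). Returns (length, next_offset)."""
    first = data[offset]
    if first < 192:
        return first, offset + 1
    if first < 255:
        return ((first - 192) << 8) + data[offset + 1] + 192, offset + 2
    return int.from_bytes(data[offset + 1:offset + 5], "big"), offset + 5


def build_reason_subpacket(code: int, text: str = "") -> bytes:
    """Encode one complete type-29 subpacket (helper for constructed samples)."""
    body = bytes([REASON_FOR_REVOCATION, code]) + text.encode("utf-8")
    assert len(body) < 192, "example encoder only handles one-octet lengths"
    return bytes([len(body)]) + body


def parse_revocation_reason(subpacket: bytes):
    """Parse a full subpacket; return RevocationReason, or None if it is not type 29."""
    length, off = parse_subpacket_length(subpacket, 0)
    body = subpacket[off:off + length]
    if len(body) != length or length < 1:
        raise ValueError("truncated subpacket")
    subpacket_type = body[0] & 0x7F  # high bit is the 'critical' flag
    if subpacket_type != REASON_FOR_REVOCATION:
        return None
    if length < 2:
        raise ValueError("reason subpacket needs a code octet")
    return RevocationReason(body[1], body[2:].decode("utf-8", errors="replace"))


def past_signatures_valid(reason: RevocationReason, policy: str = "gpg") -> bool:
    """Do signatures made before this revocation remain valid?

    policy="gpg":          unspecified reason treated like superseded (as described in the ticket)
    policy="conservative": unspecified reason treated like a compromise (as proposed in the ticket)
    Unknown or non-key-revocation codes are treated as compromise under both (assumption of this example).
    """
    if policy not in ("gpg", "conservative"):
        raise ValueError("unknown policy")
    if reason.code == COMPROMISED:
        return False
    if reason.code in (SUPERSEDED, RETIRED):
        return True
    if reason.code == NO_REASON:
        return policy == "gpg"
    return False


if __name__ == "__main__":
    # Constructed samples: a pre-made certificate with no reason, and an explicit compromise.
    for sample in (build_reason_subpacket(NO_REASON), build_reason_subpacket(COMPROMISED, "laptop stolen")):
        r = parse_revocation_reason(sample)
        print(f"{REASON_NAMES.get(r.code, 'unknown')!r}: gpg={past_signatures_valid(r, 'gpg')}, "
              f"conservative={past_signatures_valid(r, 'conservative')}")
```

Running the block shows the disagreement the ticket is about: only the reason-code-0 case differs between the two policies, which is exactly the case produced by a revocation certificate generated in advance.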

Event Timeline

gpg shows that the key has been revoked without giving a reason. The user
should draw his own conclusion. There is no policy enforcement in gpg.

Experience has shown that the usual reason for a key revocation is a forgotten
passphrase. Thus a pre-made revocation certificate is very useful. Obviously
you can't give a reason then.

In contrast, if a key has been compromised, that does not mean the key owner has
no more access to his secret key. Thus he can create a specific revocation
certificate then.

If you are really concerned you can create several revocation certificates in
advance for all envisioned reasons.

werner claimed this task.