
Re: Series of minor questions about OpenPGP 4



On Thu, Jan 29, 2009 at 11:02:42PM +0100, Daniel A. Nagy wrote:
> David Shaw wrote:
> > You revoke a 0x1F with a 0x30, same as you would use to revoke a
> > 0x10-0x13.  0x1F is a certification.
> 
> Hold on here. What you write here obviously follows from the text of
> the RFC, so I do not question it, but it does raise a semantic
> question.
> 
> Obviously, one reason for attaching certifications directly to a key
> rather than to particular user IDs is to make them stick even if any
> particular user ID is revoked or expires (or even all of them). So,
> if I want to make a statement about a certain person rather than a
> user ID (concerning, e.g., his/her trustworthiness as a certifier),
> I'd attach it directly to the key. There may be several
> certifications by several people saying different things about the
> person.
> 
> The question: how does one revoke one of them? A 0x30 computed
> directly on the key (as the RFC specifies) revokes all of them (for
> which it is a designated revoker), doesn't it? Is there no way to
> revoke just one?

It doesn't actually revoke all of them.  A 0x30 revocation on a 0x1F
signature revokes (potentially) all of them that are a) from the same
issuer (or from that issuer's designated revoker), and b) timestamped
earlier than the revocation.  It cannot revoke ones that come after
it.

Even then there is the possibility of confusion of which signature you
intend to revoke.  In those cases, you can always specify a particular
signature to revoke using the Signature Target subpacket in the
revocation.  Arguably, you could even revoke multiple signatures with
one revocation by using multiple subpackets.

Not, it should be pointed out, that many (any?) implementations
support Signature Targets yet.  But the semantics are there.

David
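The matching rules stated in the reply above (same issuer or that issuer's designated revoker, certification timestamped earlier than the revocation, and an optional Signature Target subpacket that pins the revocation to one or more specific signatures) can be modelled in a few lines. The following is an added example for this thread, not code from any OpenPGP implementation or from the posters: the key IDs, timestamps and certification text are constructed, and the hash a Signature Target subpacket would carry is replaced by a simplified stand-in computed over the signature's fields, since no packet parsing is done here.

```python
"""Model of how 0x30 revocations apply to 0x1F (direct-key) certifications.

Added illustration only; no real OpenPGP packets are parsed. Key IDs,
timestamps and notations below are constructed sample data.
"""
from dataclasses import dataclass
from hashlib import sha256
from typing import Dict, Iterable, List, Set, Tuple

SIG_DIRECT_KEY = 0x1F         # certification attached directly to a key
SIG_CERT_REVOCATION = 0x30    # certification revocation


@dataclass(frozen=True)
class Signature:
    sig_type: int
    issuer: str                      # key ID of the signer (constructed, e.g. "ALICE")
    created: int                     # creation time, seconds (constructed)
    notation: str = ""               # what the certification asserts (constructed)
    targets: Tuple[bytes, ...] = ()  # Signature Target hashes; empty = untargeted

    def target_hash(self) -> bytes:
        # Simplified stand-in for the hash a Signature Target subpacket carries.
        data = f"{self.sig_type}|{self.issuer}|{self.created}|{self.notation}".encode()
        return sha256(data).digest()


def revoked_certifications(
    certs: Iterable[Signature],
    revocations: Iterable[Signature],
    designated_revokers: Dict[str, Set[str]] = None,
) -> Set[Signature]:
    """Return the 0x1F certifications that the given 0x30 signatures revoke.

    designated_revokers maps an issuer key ID to the key IDs allowed to
    revoke on that issuer's behalf.
    """
    designated_revokers = designated_revokers or {}
    revoked: Set[Signature] = set()
    for rev in revocations:
        if rev.sig_type != SIG_CERT_REVOCATION:
            continue
        for cert in certs:
            if cert.sig_type != SIG_DIRECT_KEY:
                continue
            # a) same issuer, or one of that issuer's designated revokers
            allowed = {cert.issuer} | designated_revokers.get(cert.issuer, set())
            if rev.issuer not in allowed:
                continue
            # b) a revocation cannot revoke signatures made after it
            if cert.created >= rev.created:
                continue
            # c) a targeted revocation affects only the listed signature(s)
            if rev.targets and cert.target_hash() not in rev.targets:
                continue
            revoked.add(cert)
    return revoked


def scenario_results() -> Dict[str, List[Tuple[str, int]]]:
    """Run the cases discussed in the thread on constructed sample data."""
    alice_early = Signature(SIG_DIRECT_KEY, "ALICE", 100, "trustworthy certifier")
    alice_late = Signature(SIG_DIRECT_KEY, "ALICE", 200, "identity checked in person")
    bob = Signature(SIG_DIRECT_KEY, "BOB", 150, "trustworthy certifier")
    certs = [alice_early, alice_late, bob]

    def summary(rev_set: Set[Signature]) -> List[Tuple[str, int]]:
        return sorted((s.issuer, s.created) for s in rev_set)

    return {
        # Untargeted 0x30 from Alice after both her certifications: both revoked.
        "untargeted_after_all": summary(revoked_certifications(
            certs, [Signature(SIG_CERT_REVOCATION, "ALICE", 300)])),
        # Untargeted 0x30 issued between them: only the earlier one is revoked.
        "untargeted_between": summary(revoked_certifications(
            certs, [Signature(SIG_CERT_REVOCATION, "ALICE", 150)])),
        # Signature Target pins the revocation to the later certification only.
        "targeted_late": summary(revoked_certifications(
            certs, [Signature(SIG_CERT_REVOCATION, "ALICE", 300,
                              targets=(alice_late.target_hash(),))])),
        # Carol, as Alice's designated revoker, may revoke Alice's certifications.
        "designated_revoker": summary(revoked_certifications(
            certs, [Signature(SIG_CERT_REVOCATION, "CAROL", 300)],
            designated_revokers={"ALICE": {"CAROL"}})),
    }


if __name__ == "__main__":
    for name, result in scenario_results().items():
        print(f"{name}: {result}")
```

Bob's certification is never touched by Alice's or Carol's revocations in any scenario, and the "untargeted_between" case shows why the timestamp rule matters: an untargeted 0x30 only reaches back, never forward. When a key carries several 0x1F certifications from one issuer that should be revoked selectively, the targeted form is the only unambiguous one, at the cost, as the reply notes, of depending on Signature Target support in the verifying implementation.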