diff options
| author | David Shaw <[email protected]> | 2002-08-22 17:47:42 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2002-08-22 17:47:42 +0000 |
| commit | 8609693d79539628e556d1982e80f93ccd339814 (patch) | |
| tree | eee15bb26bfc72171aefac56a877e1bee8d18a5a /g10/getkey.c | |
| parent | * query.c (agent_askpin): Provide the default desc text depending (diff) | |
| download | gnupg-8609693d79539628e556d1982e80f93ccd339814.tar.gz gnupg-8609693d79539628e556d1982e80f93ccd339814.zip | |
* import.c (clean_subkeys, chk_self_sigs): Merge clean_subkeys into
chk_self_sigs. This improves efficiency as the same signatures are not
checked multiple times. Clarify when a subkey is revoked (any revocation
signature, even if it is dated before the binding signature).
* getkey.c (merge_selfsigs_subkey): Subkey revocation comments.
* keylist.c (list_one): Stats are only for public key listings.
* g10.c (main), options.skel: Default should be include-revoked for
keyserver operations.
Diffstat (limited to '')
| -rw-r--r-- | g10/getkey.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index 1f13dcacf..43db3abcb 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1629,6 +1629,14 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( IS_SUBKEY_REV (sig) ) { + /* Note that this means that the date on a + revocation sig does not matter - even if the + binding sig is dated after the revocation sig, + the subkey is still marked as revoked. This + seems ok, as it is just as easy to make new + subkeys rather than re-sign old ones as the + problem is in the distribution. Plus, PGP (7) + does this the same way. */ subpk->is_revoked = 1; /* although we could stop now, we continue to * figure out other information like the old expiration |