Derek Atkins wrote:
What should be available (although it is not implemented) is a userID revocation, where you can basically send out a messages that will remove userIDs from a key. Then again, signature revocations should be implemented as well...
Sorry Derek, you lost me on this one. Why should there be signature revocations? When you sign a key, all you are vouching for is the integrity of the key, and not the integrity of the key issuer. At least that was my understanding. When would a signature revocation be necessary? The only time I can think of a use for this, is if someone has signed a key indiscriminately, in which case you shouldn't be trusting the validity of any of the signatory's signatures, since their signatures are untrustworthy. If I'm erring in some way, could someone please clairfy?