Re: Revoking Old Lost Keys

On Sat, 6 Jan 1996 09:47:16 -0000, "Frank O'Dwyer" <fod@brd.ie> wrote: [..]
The PGP formats do allow for a 'revocation' certificate, but PGP doesn't implement it (yet, I guess). In any case, it's not really strong enough, since what it says is "I retract all my previous statements that this key is related to this user". This'd mean that you'd have to visit everyone who'd ever signed your key and get them to issue this retraction. What would be needed for this problem is either an "anti-certificate" ("This key does not belong to this user"), or else some convention. For example, if two _trusted_ keys are found for the same uid, the most recent one could be chosen, and the earlier one be purged from keyservers, etc. This may be possible with current PGP. I haven't tried it, but since I have some keys which have fallen into disuse, I will need to do so sometime.
Revocation of signatures is a good thing, but beware of anti-certificates, since one can create a nasty web of affirmations and denials that is unresolvable. (Yes, literally from Logic 101 classes about paradoxes....)
participants (1)
-
wlkngowl@unix.asb.com
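
The following is an added example, not part of the original thread and not PGP's behaviour. It models the "web of affirmations and denials" under one assumed trust rule (stated in the docstring) and counts how many validity assignments are consistent with it; the key names and statement sets are constructed.

```python
from itertools import product

def consistent_assignments(roots, statements):
    """Return every validity assignment that agrees with all statements.

    statements: (signer, subject, kind), kind is "affirm" or "deny".
    Assumed rule: a statement counts only if its signer is valid; a
    non-root key is valid iff some valid signer affirms it and no valid
    signer denies it. Root keys are always valid.
    """
    keys = sorted({k for s, t, _ in statements for k in (s, t)} | set(roots))
    free = [k for k in keys if k not in roots]
    solutions = []
    for bits in product([True, False], repeat=len(free)):
        valid = dict.fromkeys(roots, True)
        valid.update(zip(free, bits))

        def derived(key):
            affirmed = any(valid[s] for s, t, k in statements
                           if t == key and k == "affirm")
            denied = any(valid[s] for s, t, k in statements
                         if t == key and k == "deny")
            return affirmed and not denied

        # Keep the guess only if every key's status matches what the
        # statements imply under that same guess.
        if all(valid[k] == derived(k) for k in free):
            solutions.append(valid)
    return solutions

def classify(roots, statements):
    n = len(consistent_assignments(roots, statements))
    return "paradox" if n == 0 else "resolved" if n == 1 else "ambiguous"

ROOTS = {"root"}
# Constructed sample webs. "deny" stands for an anti-certificate.
PLAIN = [("root", "alice", "affirm"), ("alice", "bob", "affirm")]
MUTUAL = [("root", "alice", "affirm"), ("root", "bob", "affirm"),
          ("alice", "bob", "deny"), ("bob", "alice", "deny")]
CYCLE = [("root", k, "affirm") for k in ("a", "b", "c")] + [
    ("a", "b", "deny"), ("b", "c", "deny"), ("c", "a", "deny")]

if __name__ == "__main__":
    for name, web in (("plain", PLAIN), ("mutual", MUTUAL), ("cycle", CYCLE)):
        print(name, classify(ROOTS, web))
```

Two keys denying each other leave two equally consistent answers, and a three-key ring of denials leaves none.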