mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-26 17:42:06 +01:00
Hard vs soft
This commit is contained in:
parent
f46ed006b9
commit
37d026a78b
1 changed files with 9 additions and 0 deletions
|
@ -150,6 +150,15 @@ Note: certification signatures [can be made irrevocable](https://www.ietf.org/ar
|
|||
|
||||
#### Hard vs. soft revocations
|
||||
|
||||
A revocation signature may contain a subpacket indicating the reason for revocation. This subpacket contains a code which specifies why the revocation was issued. This code determines, whether the revocation is hard or soft.
|
||||
|
||||
A soft revocation is typically used for graceful or planned revocations. A soft revocation can be reverted by re-validating the certificate, User ID or subkey with a fresh binding signature.
|
||||
A soft revocation invalidates the target certificate beginning with the revocations creation time.
|
||||
|
||||
Contrary, a hard revocation cannot be re-validated. Furthermore, a hard-revoked certificate is invalidated retroactively.
|
||||
|
||||
A missing revocation reason subpacket is equivalent with a hard revocation reason.
|
||||
|
||||
### Certification Recipes
|
||||
|
||||
As mentioned above, different signatures are used for different purposes.
|
||||
|
|
Loading…
Reference in a new issue