correct CertificationRevocation section

This commit is contained in:
Tammi L. Coles 2023-11-25 11:09:11 +01:00
parent 8fe5dfcf33
commit 78b2766049

View file

@ -324,13 +324,14 @@ Since OpenPGP certificates are often distributed by the means of key servers, ne
To effectively mark a User ID as invalid, the user can publish a copy of their certificate with a *CertificationRevocation* signature (type `0x30`) attached to the invalidated User ID. This signature signals that the specified User ID is no longer valid or associated with the certificate holder. To effectively mark a User ID as invalid, the user can publish a copy of their certificate with a *CertificationRevocation* signature (type `0x30`) attached to the invalidated User ID. This signature signals that the specified User ID is no longer valid or associated with the certificate holder.
The structure of a certification revocation is as follows: The structure of a *CertificationRevocation* is as follows:
| Subpacket | Area | Critical | Mandatory | Notes | | Subpacket | Area | Critical | Mandatory | Notes |
|---------------------|--------|----------------|-------------------|---------------------------------------------| |-------------------------|--------|----------------|-------------------|-------------------------------------------------|
| Signature Creation Time | Hashed | True | True | Should be the current time | | Signature Creation Time | Hashed | True | True | Current time |
| Issuer Fingerprint | Hashed | True or False | Strongly Recommended | Indicates the primary key as the issuer | | Issuer Fingerprint | Hashed | True or False | Strongly Recommended | The primary key is the issuer |
| Reason for Revocation | Hashed | True | False | Determines the nature of the revocation | | Reason for Revocation | Hashed | True | False | Determines soft or hard revocation |
For User ID revocations, the *Reason for Revocation* subpacket is crucial. A value of `0` means no specific reason, leading to a hard revocation, while `32` indicates the User ID is no longer valid, resulting in a soft revocation. Omitting the reason subpacket is also equivalent to a hard revocation. For User ID revocations, the *Reason for Revocation* subpacket is crucial. A value of `0` means no specific reason, leading to a hard revocation, while `32` indicates the User ID is no longer valid, resulting in a soft revocation. Omitting the reason subpacket is also equivalent to a hard revocation.