Issues with gpg revocation design

58 views Asked by At

I am making my own gpg server (based on the MIT one). I noticed something weird in the GPG chain of trust.

  1. I create my VeryTrustedKey. I push it to my gpg server. In my code, I force all users to have full trust for this key. It will be the trusted introducer for all users.
  2. A user User1 upload his key key1 to my server. It is signed by VeryTrustedKey on day 1 of the upload.
  3. On day 2, a user User2 import this key1 key. Because User2 has a trust full on VeryTrustedKey he also has a trust full on key1.
  4. On day 3, User1 loses his private key. VeryTrustedKey revoke the signature it has with key1.

The issue is that on day 4, User2 still fully trust key1, even after refreshing from the server (A refresh by command line using gpg --recv-key KEYID then gpg --refresh-keys) Is that normal ? How can I make it that trust will go away on a trust introducer revokation.

0

There are 0 answers