GPG Services: verification results are wrong
GPG Services 1.11.6 1056 (ad0c960)
The verification results are wrong, if the signing key has been revoked.
I revoked my previous old key, because I created a newer one. Please note that the signatures of files that were created with a key, which is now revoked, are still valid. However, GPG Services gives me the following message:
Verification FAILED: Signature revoked (Code: 94)
This is wrong on so many levels. The verification is valid even though the key has been revoked.
The message should state something like this:
Signature valid - Key revoked - Reason for revocation: xxx
Telling people that a signature was not valid (what else is 'verification failed' supposed to mean?) is plain and simply wrong. It should clearly be stated that the signature is valid, but that the key was revoked.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Steve on 09 Mar, 2020 05:38 PM
Hi Helmut,
thanks a lot for taking the time to report this problem.
This one obviously slipped through the cracks and I can only apologize for the late reply.
Your report is valid and we have a ticket for this problem. I connected this discussion with the existing ticket. That means, should this discussion get closed, it will be re-opened as soon as the ticket is closed. That way you'll stay in the loop and get notified as soon as we have news. Feel free to open a new discussion should you run into further problems or need assistance.
All the best,
Steve
Support Staff 2 Posted by Steve on 06 May, 2020 01:25 PM
This problem has been addressed and the fix will be part of the next stable release.
Thanks again for reporting this problem.
Steve closed this discussion on 06 May, 2020 01:25 PM.