Revocation in OpenPGP
draft-dkg-openpgp-revocation-02

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

Document	Type	Expired Internet-Draft (individual) Expired & archived
	Authors	Daniel Kahn Gillmor , Andrew Gallagher
	Last updated	2025-09-29 (Latest revision 2025-03-28)
	RFC stream	(None)
	Intended RFC status	(None)
	Formats	txt html xml htmlized bibtex bibxml
	Additional resources	GitLab Repository Mailing List Mailing List Archive
Stream	Stream state	(No stream defined)
	Consensus boilerplate	Unknown
	RFC Editor Note	(None)
IESG	IESG state	Expired
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt html xml htmlized bibtex bibxml

Abstract

Cryptographic revocation is a hard problem. OpenPGP's revocation mechanisms are imperfect, not fully understood, and not as widely implemented as they could be. Additionally, some historical OpenPGP revocation mechanisms simply do not work in certain contexts. This document provides clarifying guidance on how OpenPGP revocation works, documents outstanding problems, and introduces a new mechanism for delegated revocations that improves on previous mechanism.

Authors

Daniel Kahn Gillmor
Andrew Gallagher

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

Revocation in OpenPGP draft-dkg-openpgp-revocation-02

Revocation in OpenPGP
draft-dkg-openpgp-revocation-02