Deprecate "Revocation Key", replacing with full-key "Designated Revoker"

Daniel Kahn Gillmorrequested to merge
designated-revoker into master

The "revocation key" subpacket is problematic. It is the the most fragile piece of the specification wrt the fingerprint (collisions against a fingerprint can create surprising revocation effects). And it is potentially difficult to rely on for clients which might not be able to find the revoking key (for example, if keyservers are unavailable).

It is also not currently widely used.

This patch to the spec deprecates the "revocation key" subpacket and replaces it with a "designated revoker" subpacket that includes the full key, rather than the fingerprint.

The only cost here appears to be slightly increased size of the new subpacket type by comparison, which is an entirely reasonable cost that the (rare) users of this feature should be able to bear.

I've cargo-culted in the "class" octet from "Revocation Key". I'm not sure that octet is particularly useful, and i'd be happy to drop it if folks want to, but i didn't want to muddle the waters with a semantic change in addition to this mechanical change.

Signed-off-by: Daniel Kahn Gillmor dkg@fifthhorseman.net

Merge request reports