Handle GPG revocation signatures

*(transferred from in-toto/in-toto#263)*

**Description of issue or feature request**:
in-toto/in-toto#257 adds gpg self-signature verification support, for signatures types 0x10-0x13 (certifications) and 0x18 (subkey binding signature). The added infrastructure may be used to also consider other signature types such as,
- 0x20: Key revocation signature
- 0x28: Subkey revocation signature
- 0x30: Certification revocation signature

See RFC4880 [5.2.1. Signature Types](https://tools.ietf.org/html/rfc4880#section-5.2.1) and  [12.1.  Key Structures](https://tools.ietf.org/html/rfc4880#section-12.1) for details about the signatures types and where in the key bundle they occur.

**Current behavior**:
Revocation type gpg signatures are ignored.

**Expected behavior**:
Handle revocation type gpg signatures, e.g. ignore revoked keys or certificates and/or warn user about them.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Handle GPG revocation signatures #190

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Handle GPG revocation signatures #190

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions