pgp: **key revoked** [NOT verified]

I revoked my key today, and uploaded it to the server. However, When looking at the server web page, I saw it says **key revoked** [NOT verified]. How do I verify this?

I am using gpg.


Solution 1:

I think I found an answer in this thread: http://www.gossamer-threads.com/lists/gnupg/users/65236

In short:

There is a packet which looks like a key revocation but it could be forged. If an OpenPGP application downloads the key from the server then it does a signature check.

Solution 2:

How do I verify this?

As Jon Callas already stated at Crypto.SE way back in June 2012 : you simply don’t.

In case a different wording helps, here’s a quote related to the exact same question… https://lists.gnupg.org/pipermail/gnupg-users/2014-February/049100.html

On 02/19/2014 11:55 AM, Hauke Laging wrote:

Am Di 18.02.2014, 23:19:33 schrieb Tadas Slotkus:

Hello,

I revoked my key and on the public key server it says: "* KEY
REVOKED *
[not verified]" Why does it say that revocation is
not verified?

That probably refers to the point that the keyservers don't do
crypto checks. It means: There is a packet which looks like a key
revocation but it could be forged. If an OpenPGP application
downloads the key from the server then it does a signature check.

That is a correct interpretation, indeed.