diff --git a/g10/ChangeLog b/g10/ChangeLog index df26e0730..96a087e37 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2003-11-29 David Shaw + + * trustdb.c (validate_keys): Reset the trustdb before checking if + we have any ultimately trusted keys. This ensures that if we lose + all our ultimately trusted keys, we don't leave behind the old + validity calculations. Noted by Peter Palfrader. + + * revoke.c (gen_desig_revoke): Specify in the comment when a + designated revocation is generated. + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, + get_seckey_byname2): Remove Elgamal check since we are removing + type 20 keys altogether. + 2003-11-27 David Shaw * pkclist.c (build_pk_list): Do not allow an empty PK list in diff --git a/g10/getkey.c b/g10/getkey.c index 477ba9e34..72b80ba76 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1055,11 +1055,7 @@ get_seckey_byname2( GETKEY_CTX *retctx, ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST; rc = lookup( &ctx, &kb, 1 ); if (!rc && sk ) - { - sk_from_block ( &ctx, sk, kb ); - if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) - rc=G10ERR_UNU_SECKEY; - } + sk_from_block ( &ctx, sk, kb ); release_kbnode ( kb ); get_seckey_end( &ctx ); } @@ -1681,11 +1677,6 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked ) if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } - - /* Type 20 Elgamal keys are not usable. */ - if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) - key_usage=0; - pk->pubkey_usage = key_usage; if ( !key_expire_seen ) { @@ -1902,13 +1893,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } - - /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are - not usable. */ - if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL - || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) - key_usage=0; - subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); 
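Review bot: With the `PUBKEY_ALGO_ELGAMAL` guard dropped from `get_seckey_byname2`, a type 20 secret key found by `lookup` is handed back with `rc` still 0, and nothing in this diff shows where such keys are rejected instead. The same gap applies to the `key_usage=0` overrides removed in the `merge_selfsigs_main` and `merge_selfsigs_subkey` hunks, where `pubkey_usage` for a type 20 key, or for a subkey under a type 20 primary, is no longer forced to 0. The ChangeLog says type 20 keys are being removed altogether; if that rejection lands in a separate commit, these checks should stay until it does. Otherwise each site should carry a pointer such as `/* Type 20 Elgamal keys are rejected in <function>; no usage check needed here. */`. All three functions continue outside their hunks.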
diff --git a/g10/revoke.c b/g10/revoke.c index 51dfea20a..d33e2f4b7 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -294,7 +294,7 @@ gen_desig_revoke( const char *uname ) goto leave; afx.what = 1; - afx.hdrlines = "Comment: A revocation certificate should follow\n"; + afx.hdrlines = "Comment: A designated revocation certificate should follow\n"; iobuf_push_filter( out, armor_filter, &afx ); /* create it */ diff --git a/g10/trustdb.c b/g10/trustdb.c index c9f75b933..95d8c38c5 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1949,6 +1949,10 @@ validate_keys (int interactive) stored = new_key_hash_table (); used = new_key_hash_table (); full_trust = new_key_hash_table (); + + kdb = keydb_new (0); + reset_trust_records (kdb,NULL); + /* Fixme: Instead of always building a UTK list, we could just build it * here when needed */ if (!utk_list) @@ -1957,10 +1961,6 @@ validate_keys (int interactive) goto leave; } - kdb = keydb_new (0); - - reset_trust_records (kdb,NULL); - /* mark all UTKs as used and fully_trusted and set validity to ultimate */ for (k=utk_list; k; k = k->next)
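Review bot: The new position of `keydb_new`/`reset_trust_records` ahead of the `if (!utk_list)` check in `validate_keys` has no comment saying the order is deliberate, and the Fixme directly below it invites reshuffling this area. A line such as `/* Reset before the UTK check so stale validity values are cleared even when no ultimately trusted keys remain. */` would keep a later cleanup from moving the reset back behind the early exit. The early `goto leave` is now reached with `kdb` allocated and the trust records already reset; the `leave:` label is outside the hunk, so confirm that it releases `kdb` and that the reset is written out on that path, not only on full success. `validate_keys` starts and ends outside the hunk.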