adding TOFU/POP to GnuPG
wk at gnupg.org
Fri Mar 14 19:38:20 CET 2014
On Fri, 14 Mar 2014 18:54, hans at guardianproject.info said:
> OpenPGP is so over-complicated, and seemingly only getting more so. And that
Compared to CMS OpenPGP is a quite lean and stable protocol. Changes to
the protocol are very rare: We only have a few RFCs adding new cipher or
public key algorithms.
The thing is that OpenPGP provides a lot of _optional features_ which
can be used to model any kind of PKI. Most of them are not in real use
and for GnuPG I try to limit the options presented to users. Still
there are too many of them and I agree that the interaction of the user
with the software should be limited to the bare needs. We experts can
still to play or use with almost everything from the standard and even
exchange encrypted messages with all users.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel