TOFU - motivation
Nicholas Cole
nicholas.cole at gmail.com
Sat Apr 4 18:26:09 CEST 2015
On Saturday, 4 April 2015, Werner Koch <wk at gnupg.org> wrote:
> On Tue, 31 Mar 2015 22:15, rjh at sixdemonbag.org <javascript:;> said:
>
> > The Web of Trust handles this by allowing people to decide their own
> > trusted introducers. But for system-wide TOFU, *every* application with
> > write access to the DB is a trusted introducer.
>
> I think there is a misunderstanding. There won't be a system-wide TOFU.
> The database storing the TOFU data will be local to the gnupg home
> directory in the very same way as the ownertrust (trustdb.gpg) is.
>
Why add the complexity of a second database? Why not use a local signature
(perhaps with a special flag). Seems much simpler to me and would work
with existing tools.
N.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150404/e89c2208/attachment-0001.html>
More information about the Gnupg-devel
mailing list