TOFU - motivation

Werner Koch wk at gnupg.org
Sun Apr 5 19:30:11 CEST 2015


On Sat,  4 Apr 2015 18:26, nicholas.cole at gmail.com said:

> Why add the complexity of a second database? Why not use a local signature
> (perhaps with a special flag).  Seems much simpler to me and would work
> with existing tools.

Because you would need to sign your key each time you verify a mail from
someone.  Sure, it could be put into an unhashed signature subpacket but
maintaining this is pretty complex.  For example you need to copy the
data over to the latest valid self-signature and be prepared for
conflicts after importing updates of the key.  A separate and random
access DB is much easier to work with when it comes to local data.


Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
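A minimal sketch of the "separate, random access DB" approach argued for above, as an added example that is neither GnuPG's code nor Werner's: bindings are keyed on the (email, fingerprint) pair and live outside the key material, so each verification is counted and a second key for a known address is flagged without ever touching a self-signature. The fingerprints are constructed placeholders.

```python
import sqlite3
from dataclasses import dataclass, field


@dataclass
class Verdict:
    status: str  # "new", "known" or "conflict"
    other_keys: list = field(default_factory=list)  # fingerprints already bound


class TofuStore:
    """TOFU bindings kept in SQLite, separate from the keyring: rows are
    addressed by (email, fingerprint), so key updates never touch them."""

    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS bindings ("
            "email TEXT, fpr TEXT, first_seen INTEGER, verifications INTEGER,"
            " PRIMARY KEY (email, fpr))")

    def record_verification(self, email, fpr, now):
        """Record one verified signature and say how the binding looks."""
        email = email.lower()
        known = [r[0] for r in self.db.execute(
            "SELECT fpr FROM bindings WHERE email = ?", (email,))]
        if fpr in known:
            self.db.execute(
                "UPDATE bindings SET verifications = verifications + 1"
                " WHERE email = ? AND fpr = ?", (email, fpr))
            return Verdict("known")
        self.db.execute(
            "INSERT INTO bindings VALUES (?, ?, ?, 1)", (email, fpr, now))
        # A second key for an address we already have a binding for is the
        # case a TOFU verifier must surface to the user, not silently accept.
        return Verdict("conflict", known) if known else Verdict("new")

    def verifications(self, email, fpr):
        row = self.db.execute(
            "SELECT verifications FROM bindings WHERE email = ? AND fpr = ?",
            (email.lower(), fpr)).fetchone()
        return row[0] if row else 0


if __name__ == "__main__":
    FPR_A, FPR_B = "A" * 40, "B" * 40  # constructed placeholders, not real keys
    store = TofuStore()
    print(store.record_verification("alice@example.org", FPR_A, 1))
    print(store.record_verification("alice@example.org", FPR_B, 2))
```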