the TOFU lie - or why I want my meat...

Neal H. Walfield neal at
Fri Apr 10 10:06:44 CEST 2015

Hi Bernd,

At Thu, 9 Apr 2015 22:04:46 +0200,
lists-gnupgdev at wrote:
> Am Thu, 09 Apr 2015 17:16:24 +0200
> schrieb "Neal H. Walfield" <neal at>:
> > I think it is fair to summarize your post as follows: TOFU is
> > significantly weaker than the Web of Trust and adoption of TOFU will
> > weaken the WoT.  Although you provide a number of arguments that
> > support your claim that TOFU is weak,
> I think "significantly weaker" does not apply as the two concepts are
> not either-or: you can check the keys in critical situations (and in
> those I would only rely on first hand verified keys anyway). Having TOFU
> in that scenario by default only increases automated checks for most of
> the time where you do not care about a trust path anyway, and therefore
> strengthens the overall PGP communication "quality".
> And of course a WoT is not weakened if you do TOFU in addition - as long
> as you do not use TOFU information for signing. And even then, there
> are enough WoT participants today which already do weak checking:

I agree that it is reasonable to use both the WoT and TOFU to better
identify inconsistencies (i.e., keys changing).  I think Christoph
argued that using TOFU will undermine the WoT, because people will
think TOFU is enough and as such not support the WoT as much.  This is
a worse-is-better argument: the existence of an easy half-solution
means fewer people will embrace the more difficult full solution.  I
often agree with this argument, but in this case, I don't think it
applies: the WoT is not better (i.e., more secure) than TOFU.
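The combination both posters describe (pin a key on first use, report when the key behind an address changes, and fall back to first-hand or WoT-verified keys where it matters) can be made concrete. The following is an added illustration, not code from this thread or from GnuPG; the `TofuStore`, `classify` and `run_demo` names, the policy labels, and the sample addresses and fingerprints are all constructed for the example, and the set of WoT-valid fingerprints is taken as an input rather than computed from signatures.

```python
"""Minimal TOFU binding store combined with a WoT validity check (constructed example)."""
from dataclasses import dataclass, field
from enum import Enum


class Verdict(Enum):
    FIRST_SEEN = "first_seen"   # no prior binding for this address; pin the key
    MATCH = "match"             # same key as the pinned one
    CONFLICT = "conflict"       # a different key now claims this address


@dataclass
class TofuStore:
    # email -> fingerprint recorded on first sight
    bindings: dict = field(default_factory=dict)
    # every (email, pinned, observed) mismatch, kept for the user to review
    conflicts: list = field(default_factory=list)

    def observe(self, email: str, fingerprint: str) -> Verdict:
        email = email.strip().lower()
        fingerprint = fingerprint.replace(" ", "").upper()
        known = self.bindings.get(email)
        if known is None:
            self.bindings[email] = fingerprint
            return Verdict.FIRST_SEEN
        if known == fingerprint:
            return Verdict.MATCH
        self.conflicts.append((email, known, fingerprint))
        return Verdict.CONFLICT


def classify(store: TofuStore, wot_valid, email: str, fingerprint: str) -> str:
    """Fold the TOFU verdict and WoT validity into one label for the UI.

    wot_valid is the set of fingerprints the user verified first-hand or that
    have a trust path in their WoT (hypothetical input; not computed here).
    """
    verdict = store.observe(email, fingerprint)
    fp = fingerprint.replace(" ", "").upper()
    if verdict is Verdict.CONFLICT:
        # A key change is always surfaced, even when the new key is WoT-valid:
        # the user should see that the binding moved.
        return "conflict-wot-valid" if fp in wot_valid else "conflict-unverified"
    if fp in wot_valid:
        return "wot-valid"
    return "tofu-pinned" if verdict is Verdict.FIRST_SEEN else "tofu-consistent"


# Constructed sample data: these fingerprints are made up, not real keys.
ALICE_KEY = "AAAA 1111 2222 3333 4444 5555 6666 7777 8888 9999"
ALICE_KEY_2 = "BBBB 1111 2222 3333 4444 5555 6666 7777 8888 9999"
BOB_KEY = "CCCC 1111 2222 3333 4444 5555 6666 7777 8888 9999"

OBSERVATIONS = [
    ("alice@example.org", ALICE_KEY),    # first sight: pinned
    ("alice@example.org", ALICE_KEY),    # consistent with the pin
    ("bob@example.org", BOB_KEY),        # first sight, but WoT-valid
    ("alice@example.org", ALICE_KEY_2),  # different key: conflict
]


def run_demo(wot_valid=frozenset({BOB_KEY.replace(" ", "")})):
    """Replay the constructed observations; return (labels, recorded conflicts)."""
    store = TofuStore()
    labels = [classify(store, wot_valid, e, fp) for e, fp in OBSERVATIONS]
    return labels, store.conflicts


if __name__ == "__main__":
    labels, conflicts = run_demo()
    for (email, fp), label in zip(OBSERVATIONS, labels):
        print(f"{email:20} {fp[:9]}...  {label}")
    print("conflicts:", conflicts)
```

The point of the two-layer label is the one Bernd makes: TOFU raises the baseline for routine mail by flagging a changed key automatically, while a key that is first-hand verified or WoT-valid is reported as such, so the user can still insist on that stronger evidence in critical situations.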
