TOFU - motivation

Robert J. Hansen rjh at
Tue Mar 31 22:21:12 CEST 2015

> GnuPG manages the keyring, and should therefore record the state of
> the TOFU data.

I have nothing against this idea.  Storing data is sensible (we already
do that, so it's hard to argue we shouldn't do that).

> I think the way to store this sort of thing internally would be 
> non-exportable certifications (possibly issued by a dedicated key) 
> marked with a particular OpenPGP notation to indicate that they're
> from this TOFU approach.

Also store the providing application, so that apps can make informed
decisions about whether to trust other applications' TOFU entries.

> b) what "cert-level" should this use?  I tend to believe that 
> cert-levels are not useful, and are possibly dangerous [0]

Completely agreed, but that's a total rant on my part -- ask me about it
sometime, though, if you want to see me get thoroughly irritated.  :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150331/9df36181/attachment.sig>

More information about the Gnupg-devel mailing list