TOFU - motivation

Daniel Kahn Gillmor dkg at
Tue Mar 31 22:30:53 CEST 2015

On Tue 2015-03-31 16:21:12 -0400, Robert J. Hansen wrote:
>> I think the way to store this sort of thing internally would be 
>> non-exportable certifications (possibly issued by a dedicated key) 
>> marked with a particular OpenPGP notation to indicate that they're
>> from this TOFU approach.
> Also store the providing application, so that apps can make informed
> decisions about whether to trust other applications' TOFU entries.

perhaps this is the value that should be stored in the cert-notation?
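
The storage idea discussed in this thread, sketched as an added example that is not part of the original message or of GnuPG's code: it builds and reads back the two OpenPGP signature subpackets involved, Exportable Certification (type 4) and Notation Data (type 20) from RFC 4880. The notation name `tofu-source@example.org` and the application name are constructed placeholders, not names agreed on the list.

```python
import struct

EXPORTABLE_CERTIFICATION = 4   # RFC 4880 section 5.2.3.11
NOTATION_DATA = 20             # RFC 4880 section 5.2.3.16
HUMAN_READABLE = 0x80          # first of the four notation flag octets
TOFU_NOTATION = "tofu-source@example.org"   # hypothetical notation name

def subpacket(sp_type, body):
    """Encode one subpacket: length (covers type + body), type, body."""
    length = 1 + len(body)
    if length < 192:
        header = bytes([length])
    elif length < 8384:
        n = length - 192
        header = bytes([(n >> 8) + 192, n & 0xFF])
    else:
        header = b"\xff" + struct.pack(">I", length)
    return header + bytes([sp_type]) + body

def tofu_subpackets(app_name, notation_name=TOFU_NOTATION):
    """Hashed-area bytes marking a certification as local-only TOFU data."""
    name, value = notation_name.encode(), app_name.encode("utf-8")
    notation = (bytes([HUMAN_READABLE, 0, 0, 0])
                + struct.pack(">HH", len(name), len(value)) + name + value)
    return (subpacket(EXPORTABLE_CERTIFICATION, b"\x00")   # 0 = non-exportable
            + subpacket(NOTATION_DATA, notation))

def parse_subpackets(data):
    """Split a subpacket area into (type, body) pairs, critical bit masked."""
    out, i = [], 0
    while i < len(data):
        first = data[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255:
            length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
        else:
            length, i = struct.unpack(">I", data[i + 1:i + 5])[0], i + 5
        out.append((data[i] & 0x7F, data[i + 1:i + length]))
        i += length
    return out

def read_tofu_marker(data, notation_name=TOFU_NOTATION):
    """Return (exportable, providing_app); providing_app is None if unmarked."""
    exportable, source = True, None    # no type-4 subpacket means exportable
    for sp_type, body in parse_subpackets(data):
        if sp_type == EXPORTABLE_CERTIFICATION:
            exportable = body != b"\x00"
        elif sp_type == NOTATION_DATA:
            nlen, vlen = struct.unpack(">HH", body[4:8])
            if body[8:8 + nlen] == notation_name.encode():
                source = body[8 + nlen:8 + nlen + vlen].decode("utf-8")
    return exportable, source
```

An application reading another application's entries would call `read_tofu_marker` on the certification's hashed subpacket area and decide from the returned application name whether to rely on that entry.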

