TOFU - motivation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Mar 31 22:30:53 CEST 2015

On Tue 2015-03-31 16:21:12 -0400, Robert J. Hansen wrote:
>> I think the way to store this sort of thing internally would be
>> non-exportable certifications (possibly issued by a dedicated key)
>> marked with a particular OpenPGP notation to indicate that they're
>> from this TOFU approach.
>
> Also store the providing application, so that apps can make informed
> decisions about whether to trust other applications' TOFU entries.

perhaps this is the value that should be stored in the cert-notation?

--dkg