TOFU code available

Sun Oct 18 19:03:22 CEST 2015

Hi,

I've now pushed the TOFU code to master.  It will be part of the next
release.  It would be great to get some feedback on it.  To enable
TOFU, either set --trust-model=tofu or --trust-model=tofu+pgp.
(Alternatively, you can also add the line 'trust-model MODEL' to your
gpg.conf).  To get a feel for how TOFU works, try the following.

Encrypt a message:

  $ gpg2 -e -a -r EE37CF96
* gpg: Verified 0 messages signed by "Testing (insecure!)" (key: 362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96, policy auto).
* gpg: Warning: we've have yet to see a message signed by this key!
* gpg: Warning: if this value is unexpectedly low, this might indicate that this key is a forgery!  Carefully examine the email address for small variations (e.g., additional white space).  If the key is suspect, then use 'gpg --tofu-policy bad "362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96"' to mark the key as being bad.
  gpg: 6EA74366: There is limited assurance this key belongs to the named user
  -----BEGIN PGP MESSAGE-----
  ...

Verify a message:

  $ gpg2 --verify EE37CF96-1.txt 
  gpg: Signature made Fri 18 Sep 2015 02:05:37 PM CEST using RSA key ID EE37CF96
* gpg: Good signature from "Testing (insecure!)" [marginal]
* gpg: Verified 0 messages signed by "Testing (insecure!)" (key: 362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96, policy auto).
* gpg: Warning: we've have yet to see a message signed by this key!
* gpg: Warning: if this value is unexpectedly low, this might indicate that this key is a forgery!  Carefully examine the email address for small variations (e.g., additional white space).  If the key is suspect, then use 'gpg --tofu-policy bad "362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96"' to mark the key as being bad.
  gpg: WARNING: This key is not certified with sufficiently trusted signatures!
  gpg:          It is not certain that the signature belongs to the owner.
  Primary key fingerprint: 362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96

And, encrypt to a key with the same email (well, in this case, name
since there is no email):

  $ gpg2 -e -a -r BC15C85A
  The binding <439D 954F 18F7 9CC4 F71B  ED91 CACE D996 BC15 C85A, testing (insecure!)> is NOT known.  Please indicate whether you believe the binding is legitimate (the key belongs to the stated owner) or a forgery (bad).

  Statistics for keys with the email 'testing (insecure!)':
    439D 954F 18F7 9CC4 F71B  ED91 CACE D996 BC15 C85A (this key):
      0 signed messages.
    362D 3527 F53A AD19 71AA  FDE6 5885 9975 EE37 CF96 (policy: auto):
      1 message signed over the past 1 month.

  Normally, there is only a single key associated with an emailaddress.  However, people sometimes generate a new key iftheir key is too old or they think it might be compromised.Alternatively, a new key may indicate a man-in-the-middle attack!Before accepting this key, you should talk to or call the personto make sure this new key is legitimate.

  (G)ood/(A)ccept once/(U)nknown/(R)eject once/(B)ad? b
  gpg: Verified 0 messages signed by "Testing (insecure!)" (key: 439D 954F 18F7 9CC4 F71B  ED91 CACE D996 BC15 C85A, policy bad).
  gpg: invalid trustlevel 3 returned from validation layer
  gpg: C6D85A87: There is no assurance this key belongs to the named user
  sub  rsa1024/C6D85A87 2015-09-18 Testing (insecure!)
   Primary key fingerprint: 439D 954F 18F7 9CC4 F71B  ED91 CACE D996 BC15 C85A
        Subkey fingerprint: F5A6 985C B48D BF6C 241B  6172 6B2A BB68 C6D8 5A87

  It is NOT certain that the key belongs to the person named
  in the user ID.  If you *really* know what you are doing,
  you may answer the next question with yes.

  Use this key anyway? (y/N) n
  gpg: [stdin]: encryption failed: Unusable public key

Also, take a look at the manual for a description the related commands
/ options (search for 'tofu').

:) Neal