TOFU code available
aheinecke at intevation.de
Tue Oct 20 19:46:23 CEST 2015
On Sunday 18 October 2015 19:03:22 Neal H. Walfield wrote:
> I've now pushed the TOFU code to master. It will be part of the next
> release. It would be great to get some feedback on it.
I've tried this out today. My observations in this mail are based on rev.
Using trust model "tofu+pgp":
- Binding problems occured with my own keys (having multiple UId's on different
keys). I find it strange that I am asked if one of my own keys is "Good". I
would suggest that you can just assume an answer of "Good" in case the key is
signed by a key with ultimate trust or is itself ultimately trusted.
- When running multiple keylists in parallel (Happens when Kleopatra is
running) after activating tofu-pgp trust model and running the first keylisting
leads to some errors. (We've talked about this on jabber already)
- The performance of the initial tofu db build is quite bad.
One of your changes today roughly doubled the time I currently need to build
the inititial tofu db. After removing the tofu.d the first keylisting now takes
about 45 seconds.
I think this needs some profiling and optimization as that's with a homedir on
a SSD with an i7 2600k CPU and a keyring with "just" 615 keys.
- In KMail / with Kleopatra messages signed with previously unknown keys are
shown as a good (green) signature with the details:
The signature is valid and the key is marginally trusted.
(Btw. I think that trust is the wrong word here but that's unrelated as this
is KMail internal ;-) )
While this appears basically Ok to me. This is probably too little
information. But I think it could work (without changes to KMail or Kleopatra
neccessary) if we would implement gpgme getauditlog for OpenPGP and fill it
with the tofu statistics shown on the command line.
More detailed verify information for OpenPGP as part of the Auditlog is
something we already have our TODO list for the Gpg4all project. So we could
probably add tofu details as part of that work?
KMail / Kleo both already query gpgme for an auditlog for every verification
and should make it available when it is available.
I've not yet tested what happens in case of conflicts where the command line
would ask questions. Maybe bring up a pinentry prompt for that?
While I'm pointing out the negative things I noticed in general I'm very happy
that Tofu is moving forward. :)
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel