TOFO trust model should recognize ultimately trusted keys
Neal H. Walfield
neal at walfield.org
Wed Oct 21 13:58:02 CEST 2015
Hi Andre,
Thanks for the feedback and your help with debugging yesterday!
At Tue, 20 Oct 2015 19:46:23 +0200,
Andre Heinecke wrote:
> On Sunday 18 October 2015 19:03:22 Neal H. Walfield wrote:
> Using trust model "tofu+pgp":
>
> - Binding problems occured with my own keys (having multiple UId's on different
> keys). I find it strange that I am asked if one of my own keys is "Good". I
> would suggest that you can just assume an answer of "Good" in case the key is
> signed by a key with ultimate trust or is itself ultimately trusted.
I've checked in some code so that both the tofu and the tofu+pgp
models will recognize ultimately trusted keys as good. I don't think
the TOFU model should consider signatures at all. This is what the
pgp part of the tofu+pgp model is for.
Thanks!
Neal
More information about the Gnupg-devel
mailing list