Handling a TOFU conflict

Werner Koch wk at gnupg.org
Wed Dec 7 11:03:21 CET 2016

On Tue,  6 Dec 2016 15:09, neal at walfield.org said:

>   $ gpg --command-fd 0 --status-fd 1 --trust-model tofu -r 16045E5FD8572D7C44AA6DCECC8D32F31C005AF3 -e 

Why do you want to use the --command-fd?  This is uncommon for
encryption or signing operations and not supported by gpgme.  The way
this is handled (expired, revoked, or ambiguous addresses) is to return
an error for the key and let the caller decide what to do.  This needs
to be done anyway for other error cases.  I can't see why a TOFU
conflict is different and needs a different way to handle it.

When you run the above command with --batch (as it is common and
suggested), you see the TOFU status lines as well as an INV_RECP status.

You gave the key by fingerprint which means you already looked it up the
mail address.  If this has been done --always-trust is used to force the
use of that key.  Tofu should only kick in for keys given by mail
address, because that is what TOFU is about.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: </pipermail/attachments/20161207/b0b7702e/attachment-0001.sig>

More information about the Gnupg-devel mailing list