Handling a TOFU conflict
Werner Koch
wk at gnupg.org
Thu Dec 8 11:23:30 CET 2016
On Thu, 8 Dec 2016 10:19, neal at walfield.org said:
> Say we have a at example.org and a at example.org (the first a is a latin a
> and the second a is a Cyrillic a) and we internally normalize them to
As I already mentioned, we won't normalize anything.
> TOFU is about monitoring bindings to detect conflicts. If we don't
TOFU at example.org and T0FU at example.org are different identities - even if
you can't see that immediately. _We_ do not need to bother, a MUA _may_
give a hint that they look similar but that has nothing to do with
TOFU.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: </pipermail/attachments/20161208/d281298e/attachment.sig>
More information about the Gnupg-devel
mailing list