Handling a TOFU conflict

Neal H. Walfield neal at walfield.org
Fri Dec 9 22:50:35 CET 2016

On Thu, 08 Dec 2016 19:36:00 +0100,
Werner Koch wrote:
> On Thu,  8 Dec 2016 11:34, neal at walfield.org said:
> > reasoned argument.  (If there was one please point me to it.)
> Aside from discussions here, we discussed this in person, on ohone, and
> on jabber several times.  I know that you write a paper where you argued
> that protecting against homograph is important.  I do not share this
> view, though.  What seems to be a homograph to one person it is a
> plausible different entity to another person.
> > Then we'll have to disagree.  I would honestly and sincerely like to
> > hear what you think TOFU is trying to protect against.
> To detect and warn about a different key with the same mail address.

This is a symptom of some underlying problem.  I'd like to know what
the underlying problem that we are trying mitigate is.

Do you agree that we are trying to hinder active adversaries?  Or, are
we only trying to protect users from passive adversaries?  If the
former, what are the adversaries trying to do / what are they capable
of?  Are they interested in forging messages (e.g., spear phishing)?
Are they interested in conducting MitM attacks?  Do we assume that
they are capable of owning the user's home router?  Or, can they only
send emails?


More information about the Gnupg-devel mailing list