TOFU for GnuPG
Neal H. Walfield
neal at walfield.org
Fri Oct 30 12:51:27 CET 2015
At Fri, 30 Oct 2015 11:43:28 +0000,
MFPA wrote:
> On Thursday 29 October 2015 at 9:28:54 PM, in
> <mid:87611p8iuh.wl-neal at walfield.org>, Neal H. Walfield wrote:
>
> > Unfortunately, it doesn't. This is because there is
> > currently no standard way to communicate the id of the
> > new key. I've proposed a solution for this
>
> Wouldn't a signature notation (in a self-signature) be sufficient for
> this? Something like:-
>
> NewKey at domain.example.com=[fingerprint]
>
> And for key transition statements, perhaps a second notation:-
>
> TransitionStatement at domain.example.com=[URL]
Sure. But your point is a red herring. There is *currently* no way
to do this. However, the next version of the OpenPGP spec should have
a way to do this.
Neal