TOFU for GnuPG
Neal H. Walfield
neal at walfield.org
Fri Oct 30 13:09:51 CET 2015
At Fri, 30 Oct 2015 12:06:14 +0000,
> On Thursday 29 October 2015 at 2:06:51 PM, in
> <mid:878u6l93b8.wl-neal at walfield.org>, Neal H. Walfield wrote:
> > When you verify a
> > message from some user for the first time, GnuPG saves
> > the binding between the user id (actually, the
> > normalized email address) and the key.
> The email address in the user-id, or the email address the message
> appears to come from?
> If it's the email address in the user-id, what happens if the key has
> multiple UIDs covering several email addresses? Or if the user-ids
> contain no readable email addresses?
The user ids are used. These are authorative. If there are N user
ids, then N bindings are maintained.
> > When you verify
> > another message from that user, the saved bindings with
> > that user's address are retrieved. If there is at
> > least one such binding, but none of them include the
> > signer's key, then either the signer is using a new key
> > or someone is attacking you. In this case, GnuPG
> > displays a warning and prompts you to verify the key
> > and set an appropriate policy (e.g., the key should be
> > considered untrusted).
> How does it handle a new signing sub-key?
The primary key is always used in the binding.
More information about the Gnupg-users