TOFU for GnuPG

Neal H. Walfield neal at walfield.org
Fri Oct 30 13:09:51 CET 2015


At Fri, 30 Oct 2015 12:06:14 +0000,
MFPA wrote:
> On Thursday 29 October 2015 at 2:06:51 PM, in
> <mid:878u6l93b8.wl-neal at walfield.org>, Neal H. Walfield wrote:
> 
> 
> > When you verify a
> > message from some user for the first time, GnuPG saves
> > the binding between the user id (actually, the
> > normalized email address) and the key.
> 
> The email address in the user-id, or the email address the message
> appears to come from?
> 
> If it's the email address in the user-id, what happens if the key has
> multiple UIDs covering several email addresses? Or if the user-ids
> contain no readable email addresses?

The user ids are used.  These are authoritative.  If there are N user
ids, then N bindings are maintained.

> > When you verify
> > another message from that user, the saved bindings with
> > that user's address are retrieved.  If there is at
> > least one such binding, but none of them include the
> > signer's key, then either the signer is using a new key
> > or someone is attacking you.  In this case, GnuPG
> > displays a warning and prompts you to verify the key
> > and set an appropriate policy (e.g., the key should be
> > considered untrusted).
> 
> How does it handle a new signing sub-key?

The primary key is always used in the binding.

Thanks,

:) Neal
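As an added illustration (example code, not GnuPG's own implementation), here is a small Python model of the binding store Neal describes: one binding per user id, keyed on the normalized email address and the primary key fingerprint, with a conflict raised when the address is already bound to other keys but not to the signer's. The status names, the policy strings 'auto' and 'ask', and the fingerprints in the demo are constructed for this sketch.

```python
import re
from collections import defaultdict

_UID_RE = re.compile(r"<([^>]+)>")

def normalize_email(addr):
    """Normalize an address: strip whitespace and lower-case it."""
    return addr.strip().lower()

def emails_from_user_ids(user_ids):
    """One normalized email per user id with an <address>; others give none."""
    found = []
    for uid in user_ids:
        m = _UID_RE.search(uid)
        if m:
            found.append(normalize_email(m.group(1)))
    return found

class TofuStore:
    """email -> {primary key fingerprint: policy} (assumed layout)."""
    def __init__(self):
        self.bindings = defaultdict(dict)

    def verify(self, primary_fpr, user_ids):
        """After a good signature: bind only the primary key (a rotated signing
        subkey changes nothing). Returns [(email, 'new'|'known'|'conflict')]."""
        results = []
        for email in emails_from_user_ids(user_ids):
            known = self.bindings[email]
            if primary_fpr in known:
                status = "known"
            elif known:
                # bindings exist for this address but none for this key:
                # either a new key or an attack, so record it and ask the user
                status = "conflict"
                known[primary_fpr] = "ask"
            else:
                status = "new"
                known[primary_fpr] = "auto"
            results.append((email, status))
        return results

def demo():
    """Constructed scenario: Alice's key seen twice, then a second key claiming her address."""
    store = TofuStore()
    alice = ["Alice <Alice@Example.org>", "Alice (work) <alice@work.example>"]
    first = store.verify("FPR-A", alice)
    second = store.verify("FPR-A", alice)
    third = store.verify("FPR-B", ["Mallory <alice@example.org>"])
    return first, second, third
```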


