Key selection order
Peter Lebbing
peter at digitalbrains.com
Thu Jan 14 22:26:19 CET 2016
On 2016-01-14 21:06, Andrew Gallagher wrote:
> Granted. And it does provide a speed bump to a potential attacker, so
> is preferable to nothing. But it's not a long term solution.
I disagree. It's a "good enough" solution for many circumstances. And
we know by now how well the WoT works in many circumstances. Both have
their uses. But this has been discussed on the list multiple times. It's
fine if you disagree; but please don't phrase your words as fact when
it's such a contended issue.
> Tofu does not guarantee identity persistence. Just because your
> correspondence hasn't been obviously tampered with (yet) does not
> mean
> that someone hasn't been MITMing you all along and biding their time.
Isn't "MITM'ing all along" identity persistence then? It's quite
unfortunate it's the /wrong/ identity, but it's identity persistence in
my book, so I think you're using the terminology wrongly.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at
<http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list