Confusing options for --tofu-(default-)policy=

Teemu Likonen tlikonen at
Sun Oct 2 20:59:06 CEST 2016

First a quote from the gpg 2.1.15 man page:

    --trust-model pgp|classic|tofu|tofu+pgp|direct|always|auto


            In the TOFU model, policies are associated with bindings
            between keys and email addresses (which are extracted from
            user ids and normalized). There are five policies, which can
            be set manually using the --tofu-policy option. The default
            policy can be set using the --tofu-default- policy policy.

            The TOFU policies are: auto, good, unknown, bad and ask. The
            auto policy is used by default (unless overridden by
            --tofu-default-policy) and marks a binding as marginally
            trusted. The good, unknown and bad policies mark a binding
            as fully trusted, as having unknown trust or as having trust
            never, respectively. [...]

So there's a mapping from tofu policy to trust: auto=marginal,
good=fully, unknown=unknown, bad=never. But why use different names? Why
not use the same names for tofu policy and trust?

/// Teemu Likonen   - .-..   <> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: </pipermail/attachments/20161002/f5eb4a9d/attachment.sig>

More information about the Gnupg-users mailing list