TOFU support in GnuPG 2.1

whitey666 at whitey666 at
Thu Sep 1 18:27:00 CEST 2016


I have been using GnuPG 2.1.15 for several weeks having compiled
it from source.  After seeing several references to TOFU I decided to
try it.  I added "trust-model tofu+pgp" and "tofu-default-policy ask"
to gpg.conf.  When I ran gpg2, it balked at both entries so I reran
./configure and learned the my GnuPG 2.1.15 was compiled without TOFU

GnuPG v2.1.15 has been configured as follows:

        Revision:  6bee88d  (27630)
        Platform:  GNU/Linux (x86_64-pc-linux-gnu)

        OpenPGP:   yes
        S/MIME:    yes
        Agent:     yes
        Smartcard: yes (without internal CCID driver)
        G13:       no
        Dirmngr:   yes
        Gpgtar:    yes
        WKS tools: no

        Protect tool:      (default)
        LDAP wrapper:      (default)
        Default agent:     (default)
        Default pinentry:  (default)
        Default scdaemon:  (default)
        Default dirmngr:   (default)

        Dirmngr auto start:  yes
        Readline support:    no
        LDAP support:        no
        DNS SRV support:     yes
        TLS support:         no
        TOFU support:        no
        Tor support:         only .onion

Two questions:
1) What must I do to include TOFU support?
2) Based on the above output, am I missing anything else I should
   have included?


More information about the Gnupg-users mailing list