gpg TOFU mutt

Thomas Glanzmann thomas at
Wed Sep 14 16:28:38 CEST 2016

on my local workstation I have gpg-agent running and use gpg agent
forwarding to a remote machine where I run mutt. I have the newest
releast version of gpg2.1 compiled by myself on both machines and
they're in use. On my local workstation I also have the most recent
version of pinentry and use it in the gpg-agent.conf.  I set
'trust-model tofu+pgp' in .gnupg/gpg.conf on the remote machine I'm
using mutt with 'set crypt_use_gpgme=yes'. Now I wander which
interaction I should see and when I should see it? For now I can see
when I send an encrypted email to someone it is automatically markes as
'full'. Is there any other behaviour I should see, or is there a howto?

I already read:

And I also saw Murphy's post that a newer pinentry than the one that
ships with Debian Jessie (which I'm running everywhere) is necessary. I
wondered why I did not get any questions if I trust a key or not.

If someone could shed some light on it, that would be nice.

I'm also waiting eagerly for the gpgsm tofu which I'm using as well
with the same setup.


More information about the Gnupg-users mailing list