TOFU

[Peter Lebbing]

On 21/06/17 20:30, Stefan Claas wrote:
> Technically spoken Enigmail showed all three messages as "Untrusted
> Good Signature from Ernst Mustermann etc. , because i have not signed
> the first key locally, to get for the first two messages a green bar
> in Enigmail.

Or either:
- Used --tofu-policy good on the key after the first message
- or even easier: used --tofu-default-policy good in gpg.conf

But think a while about what you want from TOFU before doing the latter.
It will automatically flag any non-conflicting OpenPGP key as valid (but
you could still manually flag a key as bad).

An "UNTRUSTED Good" signature from Enigmail means that you *should*
*not* award any credibility to the signature. It means there is *no*
indication that it belongs to the one you consider the real person
behind the address. I think it's a bad UX choice to name an invalid
signature "UNTRUSTED Good" and a valid signature "Good". I think it
suggests they both have some credibility, which is a false suggestion.

(When I say "invalid signature" I mean a signature by a key that does
not have full validity.)

> What i mean also with this example is that if people do not sign a
> key locally after the second message, from people they do not know
> personally, they may have a surprise in Enigmail when receiving the
> third message.

That stems from a misinterpretation. On the first and second messages,
"UNTRUSTED Good" is indicating it can't award any validity to the
signature. On the third message, it still cannot award any validity to
the signature. There is no surprise if you interpret it as this.

And the correct interpretation is vitally important! *Don't* *trust* any
signature that is "UNTRUSTED Good".

> To be fair, Ludwig announced the update to 64bit key-id's in Enigmail,
> so that this issue should be gone by then.

I think those things are unrelated. You don't use key ID's for
verification, neither short nor long ones. They are just easy
identifiers to refer to a key; if you need to verify the authenticity
you check the fingerprint, period. Not a long key ID, which would still
be marginally safe until computers are much faster, and certainly not a
short ID which is utterly unsafe and has always been.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170621/4d5b787e/attachment.sig>