Are TOFU statistics used for validity or conflict resolution?

Peter Lebbing peter at
Fri Jun 23 13:22:23 CEST 2017

On 23/06/17 12:56, Neal H. Walfield wrote:
> It's up to the GPG client to interpret it.  This document (authored by
> Andre and me) has some recommendations for MUAs:

Ah! Thanks for the information.

I was thinking about how GnuPG handled it, i.e., on the gpg command line
or as a backend for some frontend. I got the impression the "validity"
field affected the text of the gpg command line but nothing else
(g10/tofu.c:show_statistics() returns "show_warning" asserted for
valdities below 3).



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170623/7926b510/attachment.sig>

More information about the Gnupg-users mailing list