mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

doc: Improve TOFU documentation.

* doc/gpg.texi: Improve TOFU documentation.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
Suggested-by: Teemu Likonen <tlikonen@iki.fi>
Neal H. Walfield 2017-07-06 21:15:45 +02:00
parent 4c3a59e9c0
commit 243b2a570c


@ -1633,10 +1633,14 @@ Set what trust model GnuPG should follow. The models are:
@opindex trust-model:tofu @opindex trust-model:tofu
@anchor{trust-model-tofu} @anchor{trust-model-tofu}
TOFU stands for Trust On First Use. In this trust model, the first TOFU stands for Trust On First Use. In this trust model, the first
time a key is seen, it is memorized. If later another key is seen time a key is seen, it is memorized. If later another key with a
with a user id with the same email address, a warning is displayed user id with the same email address is seen, both keys are marked as
indicating that there is a conflict and that the key might be a suspect. In that case, the next time either is used, a warning is
forgery and an attempt at a man-in-the-middle attack. displayed describing the conflict, why it might have occured
(either the user generated a new key and failed to cross sign the
old and new keys, the key is forgery, or a man-in-the-middle attack
is being attempted), and the user is prompted to manually confirm
the validity of the key in question.
Because a potential attacker is able to control the email address Because a potential attacker is able to control the email address
and thereby circumvent the conflict detection algorithm by using an and thereby circumvent the conflict detection algorithm by using an
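
Review bot: The added text has two wording errors in the new warning description: "why it might have occured" should be "occurred", and "the key is forgery" needs an article ("the key is a forgery"). The parenthetical is also hard to parse because "either" introduces three alternatives and the sentence then continues with "and the user is prompted"; consider ending the sentence after the closing parenthesis and starting a new one with "The user is then prompted to manually confirm the validity of the key in question." "cross sign" would read better hyphenated as "cross-sign".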