> I've never understood why TS is so hostile to the PGP WoT. Pretending security issues don't exist, even if you manage to convince your followers of this, doesn't mean the security issues don't *actually* exist. > > Using TOFU is better than not using WoT and not using TOFU, but using the WoT is better than using TOFU. Also, SSH and OTR both implement TOFU in a much better way (security-wise and usability-wise) than TS does. I haven't tried out GPG's implementation yet. It's not as simple as WoT is better than TOFU, they both have their use cases where they're better suited. WoT is perfect for example among the community of Debian Package Maintainers, where people need to PUBLICLY be verified by other people to even get a foot in the door for a particular community. And KSPs are a great way for a huge number of people to immediately bootstrap safe communications etc... with each other. However there Are cases where TOFU is better suited, for example any system where you don't want verifications to be public, such as if you don't want to leak who you're communicating with, but you still want to verify their public keys. Additionally, WoT (conceptually) requires the use of global identifiers for public keys, this isn't compatible with the idea that people may give different aliases to their contacts, or have multiple people they know with the same full name. And doesn't work well with anyone who wants to be pseudonymous, you can't partake in the WoT, with the usual method of verifying keys pseudonymously. </2 cents> Cheers, Sam.