[messaging] TOFU Support in GNUPG

Frederic Jacobs lists at fredericjacobs.com
Tue Nov 3 07:48:41 PST 2015

Interesting update from GNUPG: they decided to implement TOFU in addition to the Web of Trust, admitting that, in practice and with usability considered, TOFU is a more secure trust model than the Web of Trust.

Bye bye PGP key signing parties?

> In contrast to the Web of Trust <https://en.wikipedia.org/wiki/Web_of_trust> (WoT), TOFU's security guarantees are rather weak. When using the WoT correctly, you can have high confidence that if GnuPG says a given key is controlled by a specific user, then it probably is. TOFU, on the other hand, is only able to detect when the key associated with an email address has changed. Despite this, TOFU will be more secure than the WoT for most users in practice. This is because using the WoT requires a lot of manual support, which most users never bother with. In particular, you need to verify fingerprints and set the owner trust to take advantage of friend-of-friend verification.
> Happily you don't need to choose between TOFU and the WoT. It is possible to combine them using the tofu+pgp trust model. In this model, the trust level for a key under each model is computed and then the maximum is taken.
https://gnupg.org/blog/20151103-gnupg-in-october.html
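As an added illustration (not code from GnuPG or from the post), here is a toy model of the two verdicts the quoted paragraphs describe: a Trust-On-First-Use store that can only notice when the key bound to an address changes, and the tofu+pgp combination that evaluates both models and takes the maximum. The class and level names are hypothetical, and the level returned for a consistent binding is an assumption of this sketch, not GnuPG's actual scale.

```python
from enum import IntEnum


class Trust(IntEnum):
    """Trust levels ordered so that max() selects the stronger verdict."""
    NEVER = 0      # TOFU conflict: a different key now claims this address
    UNKNOWN = 1    # nothing is known about the binding
    MARGINAL = 2
    FULL = 3


class TofuStore:
    """Hypothetical, simplified TOFU store: remembers the fingerprint first
    seen for each email address and flags the address once it changes."""

    def __init__(self):
        self.bindings = {}      # email -> fingerprint seen on first use
        self.conflicts = set()  # addresses for which a different key appeared

    def observe(self, email, fingerprint):
        """Record one (email, fingerprint) observation; return the TOFU level."""
        first = self.bindings.setdefault(email, fingerprint)
        if fingerprint != first:
            # The only thing TOFU can detect: the key for this address changed.
            self.conflicts.add(email)
            return Trust.NEVER
        if email in self.conflicts:
            return Trust.NEVER  # address is already contested, even for the old key
        # Assumption of this sketch: a consistent binding earns marginal trust.
        return Trust.MARGINAL


def combined_trust(tofu_level, wot_level):
    """tofu+pgp as described in the post: compute both levels, take the max."""
    return max(tofu_level, wot_level)


def walkthrough():
    """Constructed sequence of observations for a single address."""
    store = TofuStore()
    levels = [
        store.observe("alice@example.com", "FPR-A"),  # first use: bind to A
        store.observe("alice@example.com", "FPR-A"),  # same key again
        store.observe("alice@example.com", "FPR-B"),  # key changed: conflict
        store.observe("alice@example.com", "FPR-A"),  # old key, still contested
    ]
    # Under the max rule a WoT-validated key keeps its level despite a conflict.
    return levels, combined_trust(levels[-1], Trust.FULL)
```

Note that under the max rule a TOFU conflict alone never lowers a key the WoT already rates FULL; the conflict only matters for keys the WoT cannot vouch for.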