[messaging] TOFU Support in GNUPG

Sam Lanning sam at samlanning.com
Fri Nov 6 05:31:36 PST 2015


> I've never understood why TS is so hostile to the PGP WoT. Pretending
security issues don't exist, even if you manage to convince your followers
of this, doesn't mean the security issues don't *actually* exist.
>
> Using TOFU is better than not using WoT and not using TOFU, but using the
WoT is better than using TOFU. Also, SSH and OTR both implement TOFU in a
much better way (security-wise and usability-wise) than TS does. I haven't
tried out GPG's implementation yet.

It's not as simple as WoT is better than TOFU, they both have their use
cases where they're better suited.

WoT is perfect for example among the community of Debian Package
Maintainers, where people need to PUBLICLY be verified by other people to
even get a foot in the door for a particular community.

And KSPs are a great way for a huge number of people to immediately
bootstrap safe communications etc... with each other.

However there Are cases where TOFU is better suited, for example any system
where you don't want verifications to be public, such as if you don't want
to leak who you're communicating with, but you still want to verify their
public keys.

Additionally, WoT (conceptually) requires the use of global identifiers for
public keys, this isn't compatible with the idea that people may give
different aliases to their contacts, or have multiple people they know with
the same full name. And doesn't work well with anyone who wants to be
pseudonymous, you can't partake in the WoT, with the usual method of
verifying keys pseudonymously.

</2 cents>

Cheers,
Sam.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20151106/9a7a1762/attachment.html>


More information about the Messaging mailing list