diff options
| author | Werner Koch <[email protected]> | 2018-10-10 09:46:16 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2018-11-05 08:17:03 +0000 |
| commit | 82cd7556fdce989aaacf91e0d369a62e4652f224 (patch) | |
| tree | 87b53c3ce4ccb842a3f1f1051dd190efe4d38d21 /doc/gpg.texi | |
| parent | gpg: Add new card vendor (diff) | |
| download | gnupg-82cd7556fdce989aaacf91e0d369a62e4652f224.tar.gz gnupg-82cd7556fdce989aaacf91e0d369a62e4652f224.zip | |
gpg: Don't take the a TOFU trust model from the trustdb,
* g10/tdbio.c (tdbio_update_version_record): Never store a TOFU model.
(create_version_record): Don't init as TOFU.
(tdbio_db_matches_options): Don't indicate a change in case TOFU is
stored in an old trustdb file.
--
This change allows to switch between a tofu and pgp or tofu+pgp trust
model without an auto rebuild of the trustdb. This also requires that
the tofu trust model is requested on the command line. If TOFU will
ever be the default we need to tweak the model detection via TM_AUTO
by also looking into the TOFU data base,
GnuPG-bug-id: 4134
(cherry picked from commit 150a33df41944d764621f037038683f3d605aa3f)
Diffstat (limited to 'doc/gpg.texi')
| -rw-r--r-- | doc/gpg.texi | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 3f8f6b9f4..ffcdaf21e 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1724,7 +1724,8 @@ Set what trust model GnuPG should follow. The models are: @opindex trust-model:auto Select the trust model depending on whatever the internal trust database says. This is the default model if such a database already - exists. + exists. Note that a tofu trust model is not considered here and + must be enabled explicitly. @end table @item --auto-key-locate @var{mechanisms} |