author | Neal H. Walfield <[email protected]> | 2017-07-06 19:15:45 +0000 |
---|---|---|
committer | Neal H. Walfield <[email protected]> | 2017-07-06 19:17:31 +0000 |
commit | 243b2a570c30586e19b8c88e43b282d62d8eb77c (patch) | |
tree | 4ed1d0ef381f18b63c18dd9947929e41236d4d68 | |
parent | doc: Fix typo. (diff) | |
download | gnupg-243b2a570c30586e19b8c88e43b282d62d8eb77c.tar.gz gnupg-243b2a570c30586e19b8c88e43b282d62d8eb77c.zip |
doc: Improve TOFU documentation.
* doc/gpg.texi: Improve TOFU documentation.
Signed-off-by: Neal H. Walfield <[email protected]>
Suggested-by: Teemu Likonen <[email protected]>
Diffstat
-rw-r--r-- | doc/gpg.texi | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 9dceed9da..bc83eff75 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1633,10 +1633,14 @@ Set what trust model GnuPG should follow. The models are: @opindex trust-model:tofu @anchor{trust-model-tofu} TOFU stands for Trust On First Use. In this trust model, the first - time a key is seen, it is memorized. If later another key is seen - with a user id with the same email address, a warning is displayed - indicating that there is a conflict and that the key might be a - forgery and an attempt at a man-in-the-middle attack. + time a key is seen, it is memorized. If later another key with a + user id with the same email address is seen, both keys are marked as + suspect. In that case, the next time either is used, a warning is + displayed describing the conflict, why it might have occured + (either the user generated a new key and failed to cross sign the + old and new keys, the key is forgery, or a man-in-the-middle attack + is being attempted), and the user is prompted to manually confirm + the validity of the key in question. Because a potential attacker is able to control the email address and thereby circumvent the conflict detection algorithm by using an |
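Review bot: two typos in the added lines of this hunk should be fixed before merging, since this is user-facing manual text in doc/gpg.texi: "why it might have occured" should read "why it might have occurred", and "the key is forgery" should read "the key is a forgery". Otherwise the rewrite reads well: it now makes explicit that a second key carrying a user id with the same email address marks both keys as suspect, that the warning is shown the next time either key is used (not only when the conflicting key is first seen), and that the user is asked to confirm validity manually, which is clearer than the removed text's single-sentence description.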