Are TOFU statistics used for validity or conflict resolution?

Teemu Likonen tlikonen at iki.fi
Thu Jun 22 08:42:50 CEST 2017


Are TOFU statistics used for a key's validity calculations or TOFU
conflict resolution?

Some background: The TOFU system keeps statistics about a key's use. I'll
quote some lines from the DETAILS document.

About --with-colons --with-tofu-info --list-keys:


    *** TFS - TOFU statistics

        This field may follow a UID record to convey information about
        the TOFU database.  The information is similar to a TOFU_STATS
        status line.

        - Field 2 :: tfs record version (must be 1)
        - Field 3 :: validity -  A number with validity code.
        - Field 4 :: signcount - The number of signatures seen.
        - Field 5 :: encrcount - The number of encryptions done.
        - Field 6 :: policy - A string with the policy
        - Field 7 :: signature-first-seen - a timestamp or 0 if not known.
        - Field 8 :: signature-most-recent-seen - a timestamp or 0 if not known.
        - Field 9 :: encryption-first-done - a timestamp or 0 if not known.
        - Field 10 :: encryption-most-recent-done - a timestamp or 0 if not known.


About --status-fd output's TOFU_STATS:


    *** TOFU_STATS <MANY_ARGS>

        Statistics for the current user id.

        The <MANY_ARGS> are the usual space delimited arguments.  Here we
        have too many of them to fit on one printed line and thus they are
        given on 3 printed lines:

        : <summary> <sign-count> <encryption-count>
        : [<policy> [<tm1> <tm2> <tm3> <tm4>
        : [<validity> [<sign-days> <encrypt-days>]]]]

        Values for SUMMARY are:
        - 0 :: attention, an interaction with the user is required (conflict)
        - 1 :: key with no verification/encryption history
        - 2 :: key with little history
        - 3 :: key with enough history for basic trust
        - 4 :: key with a lot of history


It _seems_ to me that 

    - Field 3 :: validity -  A number with validity code.

is the same thing as SUMMARY in TOFU_STATS. Am I right?

And here's my question again: Does the SUMMARY field's value (0-4) have
an effect on how a key's validity is calculated or how TOFU conflicts are
resolved or presented to a user?

-- 
/// Teemu Likonen   - .-..   <https://keybase.io/tlikonen> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
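
A parser for the two formats quoted in the message above, as an added example that is not part of the original post and is not GnuPG code. The function names, dictionary keys and sample lines are constructed for illustration; the tfs validity field and the TOFU_STATS summary are kept as separate values, since whether they coincide is the question the post asks.

```python
# Added example; every name here is this example's own, not a GnuPG identifier.
TFS_FIELDS = ("version", "validity", "signcount", "encrcount", "policy",
              "sig_first_seen", "sig_most_recent", "enc_first_done", "enc_most_recent")
STATS_ARGS = ("summary", "sign_count", "encryption_count", "policy",
              "tm1", "tm2", "tm3", "tm4", "validity", "sign_days", "encrypt_days")
# The optional argument groups nest, so only these argument counts are well-formed.
STATS_ARG_COUNTS = {3, 4, 8, 9, 11}
SUMMARY = {0: "conflict: user interaction required",
           1: "no verification/encryption history", 2: "little history",
           3: "enough history for basic trust", 4: "a lot of history"}
# Constructed sample lines (not captured from a real keyring).
SAMPLE_TFS = "tfs:1:2:7:3:auto:1497000000:1498000000:1497500000:1498050000:"
SAMPLE_STATS = "[GNUPG:] TOFU_STATS 2 7 3 auto 1497000000 1498000000 1497500000 1498050000"

def parse_tfs(line):
    """Parse a 'tfs' record from --with-colons output; None for other records."""
    parts = line.rstrip("\r\n").split(":")
    if parts[0] != "tfs":
        return None
    if len(parts) < 10:
        raise ValueError("tfs record has fewer than 10 fields")
    rec = dict(zip(TFS_FIELDS, parts[1:10]))  # fields 2..10
    # Timestamps and policy stay as strings; only the documented numbers are converted.
    for key in ("version", "validity", "signcount", "encrcount"):
        rec[key] = int(rec[key])
    if rec["version"] != 1:
        raise ValueError("unsupported tfs record version")
    return rec

def parse_tofu_stats(line):
    """Parse a TOFU_STATS line from --status-fd output; None for other lines."""
    tokens = line.split()
    if tokens[:1] == ["[GNUPG:]"]:
        tokens = tokens[1:]
    if tokens[:1] != ["TOFU_STATS"]:
        return None
    args = tokens[1:]
    if len(args) not in STATS_ARG_COUNTS:
        raise ValueError("argument count does not match the nested optional groups")
    rec = dict(zip(STATS_ARGS, args))
    # The quoted text does not give a type for tm1..tm4 or validity; keep them as strings.
    for key in ("summary", "sign_count", "encryption_count"):
        rec[key] = int(rec[key])
    if rec["summary"] not in SUMMARY:
        raise ValueError("SUMMARY outside the documented range 0-4")
    rec["summary_text"] = SUMMARY[rec["summary"]]
    rec["needs_attention"] = rec["summary"] == 0  # 0 is the conflict case
    return rec

if __name__ == "__main__":
    print(parse_tfs(SAMPLE_TFS))
    print(parse_tofu_stats(SAMPLE_STATS))
```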