trust-model and federated lookups
Phil Pennock
gnupg-users at spodhuis.org
Fri Oct 22 17:00:11 CEST 2021
Folks,
When evaluating the trust we have in the identity attached to a key, I
often see "WARNING: We have NO indication whether the key belongs to the
person named as shown above"; at the same time, `--with-key-origin` for
the very same key will show "origin=wkd".
GnuPG uses the trust-model option to decide how to evaluate the trust we
have in a key. I've looked through the options, and checked the release
notes for the 2.3.x series to confirm nothing new there.
I'm currently using "trust-model tofu+pgp"/"tofu-default-policy unknown"
I think what I _want_ is `trust-model pgp+federated+tofu`, which means,
in order: (1) any sigs from the WoT; (2) origin information from the
key, if the origin shows the key was safely retrieved from a federated
origin in a provable way (WKD, various DNSSEC storage options, etc); (3)
TOFU as a fallback if there's nothing better.
I might even just want `trust-model pgp+federated` if I'm feeling more
cautious. But in reality tofu helps a little.
Does this make sense to people? Is there a security problem with this?
Does this seem like a reasonable feature request?
Thanks,
-Phil
More information about the Gnupg-users
mailing list