[guardian-dev] TOFU coming to GnuPG
Hans-Christoph Steiner
hans at guardianproject.info
Mon Sep 28 08:08:34 EDT 2015
>From the GnuPG summer news:
[Werner Koch] wants GnuPG be easier to use for the masses. This
means, for instance, using TOFU as a trust model instead of the web of
trust, which requires [too much curating] for nearly all
users—including most technical users—to be effective. Nevertheless,
the goal isn't to somehow neuter GnuPG: it will remain possible to
harden GnuPG for users who are trying to prevent targeted attacks with
just a few configuration options. The primary focus, however, is
making GnuPG easier to use and more secure for casual use by default.
Here is more discussion on that topic:
* https://lists.gnupg.org/pipermail/gnupg-devel/2015-March/029629.html
* https://lists.gnupg.org/pipermail/gnupg-devel/2015-April/029649.html
* https://lists.gnupg.org/pipermail/gnupg-devel/2015-April/029638.html
* https://lists.gnupg.org/pipermail/gnupg-devel/2015-July/030150.html
.hc
--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
More information about the guardian-dev
mailing list