Am 07.06.2017 um 11:04 schrieb Peter Lebbing:
On 06/06/17 20:12, Stefan Claas wrote:
Is TOFU verifying the email address from the from: header of the message
and then compares it with the email address in the UID?
Yes.
I ask, because
if i would use a free form UID with no email address
That would make it difficult.
, or i use an Anon
Remailer with a nym account where both email addresses are not identical.
This doesn't seem like a problem, depending on some assumptions. In the
usual case where you wouldn't want the two accounts linked to the same
person, you would use two completely separate certificates, each with
their own pseudonym with nym address.
If you don't care that peole realize they belong to the same person, you
would create two UIDs on the same key, one for each nym account.
Thank you very much for your detailed explanation!
I just installed modern GnuPG and used it with two inline PGP messages from
Usenet and i like it. :-)
Good to hear :-).
I love the idea of TOFU and it's great that it is implemented in modern
GnuPG. :-)
Kudos and respect to the person who had this idea!
I tried also with Enigmail under OS X but when checking the signatures here
from the list members i always get the blue "Untrusted Good Signature".
Did you already enable TOFU? It needs a line in your gpg.conf. Either:
trust-model tofu
or
trust-model tofu+pgp
Yes, i did that and it works fine in command-line mode which also shows
me the statistics.
Regards
Stefan
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
