On 2024-08-06 10:32, Jakob Bohm via Gnupg-users wrote:
> For issues such as the above, the proper script-friendly solution is to
> enhance gpgv itself with command line options to specify the desired
> trust requirements. For the multi-signer scenario above, an option
> could be set to
> --must-match-percent 90 --ignore-unknown

I think using percentages rather than absolute values here would be
dangerous. If this is a percentage of the number of keys in the keyring,
it would make updating the membership of the keyring a potential DoS
event. If it is a percentage of the number of signatures on the message,
an attacker who compromises just one signing key could distribute a
package signed by just that key, and 100% of attached signatures would
verify.
A
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
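The two failure modes described in the reply above, modelled in a small Python policy evaluator. This is an added illustration, not code from gpgv or from either poster; the option names (`must_match_percent`, `ignore_unknown`), the key identifiers and the keyring contents are constructed for the example, and cryptographic verification of each signature is assumed to have already happened elsewhere (the `valid` flag stands in for its result). It contrasts the two percentage interpretations with an absolute "at least N distinct keyring members" threshold, and also shows why such a threshold must count distinct signers rather than raw signature count.

```python
"""Toy model of multi-signer trust policies for a gpgv-like verifier.

Hypothetical policy names and constructed data; not gpgv's real options.
"""
from collections import namedtuple

# key_id: fingerprint-like label (constructed); valid: outcome of the
# cryptographic check on that signature, assumed to be computed elsewhere.
Signature = namedtuple("Signature", ["key_id", "valid"])


def _good_signers(sigs, keyring, ignore_unknown):
    """Return the set of distinct keyring members with a valid signature.

    Unknown signers are skipped when ignore_unknown is set; otherwise a
    single unknown signer fails the policy (signalled by returning None).
    """
    good = set()
    for s in sigs:
        if s.key_id not in keyring:
            if ignore_unknown:
                continue
            return None
        if s.valid:
            good.add(s.key_id)
    return good


def policy_percent_of_keyring(sigs, keyring, must_match_percent, ignore_unknown=True):
    """Percentage interpreted against the number of keys in the keyring."""
    good = _good_signers(sigs, keyring, ignore_unknown)
    if good is None or not keyring:
        return False
    return 100 * len(good) / len(keyring) >= must_match_percent


def policy_percent_of_signatures(sigs, keyring, must_match_percent, ignore_unknown=True):
    """Percentage interpreted against the number of signatures on the message."""
    good = _good_signers(sigs, keyring, ignore_unknown)
    counted = [s for s in sigs if s.key_id in keyring] if ignore_unknown else list(sigs)
    if good is None or not counted:
        return False
    return 100 * len(good) / len(counted) >= must_match_percent


def policy_absolute(sigs, keyring, required, ignore_unknown=True):
    """Absolute threshold: at least `required` distinct keyring members signed."""
    good = _good_signers(sigs, keyring, ignore_unknown)
    return good is not None and len(good) >= required


# Constructed keyring of five release signers.
KEYRING = {"KEY-A", "KEY-B", "KEY-C", "KEY-D", "KEY-E"}


def legit_release():
    """A release carrying one valid signature from every current keyring member."""
    return [Signature(k, True) for k in sorted(KEYRING)]


def scenario_keyring_growth():
    """Keyring membership update as a DoS: three new members are added to the
    keyring before they have signed anything, and a release that every original
    signer signed drops from 100% to 62.5% of the keyring."""
    sigs = legit_release()
    before = policy_percent_of_keyring(sigs, KEYRING, 90)
    grown = KEYRING | {"KEY-F", "KEY-G", "KEY-H"}
    after = policy_percent_of_keyring(sigs, grown, 90)
    absolute_after = policy_absolute(sigs, grown, 3)
    return before, after, absolute_after  # (True, False, True)


def scenario_single_signer():
    """A package bearing exactly one valid signature from one keyring member:
    100% of its attached signatures verify, so the percent-of-signatures rule
    accepts it, while an absolute 3-of-N rule rejects it."""
    sigs = [Signature("KEY-C", True)]
    return (policy_percent_of_signatures(sigs, KEYRING, 90),
            policy_absolute(sigs, KEYRING, 3))  # (True, False)


def scenario_duplicate_signatures():
    """Three signatures by the same key must not count as three signers."""
    sigs = [Signature("KEY-C", True)] * 3
    return policy_absolute(sigs, KEYRING, 3)  # False


if __name__ == "__main__":
    print("keyring growth (percent, percent-after, absolute-after):", scenario_keyring_growth())
    print("single signer (percent-of-sigs, absolute):", scenario_single_signer())
    print("duplicate signatures under absolute rule:", scenario_duplicate_signatures())
```

The absolute rule is evaluated over a fixed set of trusted keys, so neither adding keys to the keyring nor padding the message with extra signatures changes what it takes to pass: `required` distinct members of the keyring must each have produced a valid signature.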