mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-25 04:29:29 +01:00
gpg.conf: enable TOFU
This commit is contained in:
parent
9026e8035d
commit
fd93def2f3
@ -78,3 +78,14 @@ no-comments
|
||||
# Don't output version, small chance of having people put same keys on IPFS
|
||||
no-emit-version
|
||||
|
||||
# Trust On First Use (marginal trust) with WoT being full trust. I find this
|
||||
# less annoying in KMail than only WoT or the comment below, and I think it
|
||||
# may be additional motivation for me to actually sign the keys I trust with
|
||||
# all keyservers hiding signatures and gpg not importing them.
|
||||
# I think `keybase pgp pull` also helps here as the people I am tracking
|
||||
# there are going to be in my keyring, however it's still a centralized
|
||||
# service.
|
||||
trust-model tofu+pgp
|
||||
# WoT with TOFU’s conflict detection, but without positive trust
|
||||
#tofu-default-policy unknown
|
||||
|
||||
|
11
gpg/gpg.conf
11
gpg/gpg.conf
@ -78,3 +78,14 @@ no-comments
|
||||
# Don't output version, small chance of having people put same keys on IPFS
|
||||
no-emit-version
|
||||
|
||||
# Trust On First Use (marginal trust) with WoT being full trust. I find this
|
||||
# less annoying in KMail than only WoT or the comment below, and I think it
|
||||
# may be additional motivation for me to actually sign the keys I trust with
|
||||
# all keyservers hiding signatures and gpg not importing them.
|
||||
# I think `keybase pgp pull` also helps here as the people I am tracking
|
||||
# there are going to be in my keyring, however it's still a centralized
|
||||
# service.
|
||||
trust-model tofu+pgp
|
||||
# WoT with TOFU’s conflict detection, but without positive trust
|
||||
#tofu-default-policy unknown
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user