Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#47407 - [gnupg] Enable new TOFU trust model
Attached to Project:
Arch Linux
Opened by Michael Laß (Bevan) - Wednesday, 16 December 2015, 13:42 GMT
Last edited by Gaetan Bisson (vesath) - Monday, 21 December 2015, 04:49 GMT
Opened by Michael Laß (Bevan) - Wednesday, 16 December 2015, 13:42 GMT
Last edited by Gaetan Bisson (vesath) - Monday, 21 December 2015, 04:49 GMT
|
DetailsDescription:
gnupg 2.1.10 comes with two new trust models "tofu" and "tofu+gpg". TOFU stands for "Trust On First Use" and is explained in more detail here: https://lists.gnupg.org/pipermail/gnupg-users/2015-October/054608.html This new feature seems to be disabled in Arch's build but can be enabled by adding "--enable-tofu" to configure during compilation. I briefly tested compilation and functionality. Since these trust models have to be enabled either in gpg.conf or using command line parameters, I think it is safe to add this configure flag to the version in [core]. |
This task depends upon
Closed by Gaetan Bisson (vesath)
Monday, 21 December 2015, 04:49 GMT
Reason for closing: Implemented
Additional comments about closing: gnupg-2.1.10-2 in [testing]
Monday, 21 December 2015, 04:49 GMT
Reason for closing: Implemented
Additional comments about closing: gnupg-2.1.10-2 in [testing]
Comment by Gaetan Bisson (vesath) -
Thursday, 17 December 2015, 06:49 GMT
This new trust model being very early work is probably a good reason why upstream has not enabled it by default. I feel quite uncomfortable reverting this choice in our package.
Comment by Michael Laß (Bevan) -
Thursday, 17 December 2015, 09:31 GMT
I digged a bit more into this. The new trust models are enabled automatically (so no need for --enable-tofu) but require sqlite. So adding sqlite as a dependency should enable them. But I don't know if they are worth the additional dependency.