[Pkg-gnupg-commit] [gnupg2] 32/118: doc: Add a help text for tofu.conflict.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Sep 15 18:25:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch encoding-and-speling
in repository gnupg2.
commit b69b2cb082e39a7eb56082fa80219f6f14fbd2b4
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Aug 31 14:17:13 2016 +0200
doc: Add a help text for tofu.conflict.
* doc/help.txt (.gpg.tofu.conflict): New help text.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
---
doc/help.txt | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/doc/help.txt b/doc/help.txt
index e92cfbe..4c6df7c 100644
--- a/doc/help.txt
+++ b/doc/help.txt
@@ -358,8 +358,19 @@ revocation certificate. Please keep this text concise.
An empty line ends the text.
.
-
-
+.gpg.tofu.conflict
+# tofu.c
+TOFU has detected another key with the same (or a very similar) email
+address. It might be that the user created a new key. In this case,
+you can safely trust the new key (but, confirm this by asking the
+person). However, it could also be that the key is a forgery or there
+is an active Man-in-the-Middle (MitM) attack. In this case, you
+should mark the key as being bad, so that it is untrusted. Marking a
+key as being untrusted means that any signatures will be considered
+bad and attempts to encrypt to the key will be flagged. If you are
+unsure and can't currently check, you should select either accept once
+or reject once.
+.
.gpgsm.root-cert-not-trusted
# This text gets displayed by the audit log if
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list