[Pkg-gnupg-commit] [gnupg2] 32/118: doc: Add a help text for tofu.conflict.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch encoding-and-speling
in repository gnupg2.

commit b69b2cb082e39a7eb56082fa80219f6f14fbd2b4
Author: Neal H. Walfield <neal at g10code.com>
Date:   Wed Aug 31 14:17:13 2016 +0200

    doc: Add a help text for tofu.conflict.
    
    * doc/help.txt (.gpg.tofu.conflict): New help text.
    
    --
    Signed-off-by: Neal H. Walfield <neal at g10code.com>
---
 doc/help.txt | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/doc/help.txt b/doc/help.txt
index e92cfbe..4c6df7c 100644
--- a/doc/help.txt
+++ b/doc/help.txt
@@ -358,8 +358,19 @@ revocation certificate.  Please keep this text concise.
 An empty line ends the text.
 .
 
-
-
+.gpg.tofu.conflict
+# tofu.c
+TOFU has detected another key with the same (or a very similar) email
+address.  It might be that the user created a new key.  In this case,
+you can safely trust the new key (but, confirm this by asking the
+person).  However, it could also be that the key is a forgery or there
+is an active Man-in-the-Middle (MitM) attack.  In this case, you
+should mark the key as being bad, so that it is untrusted.  Marking a
+key as being untrusted means that any signatures will be considered
+bad and attempts to encrypt to the key will be flagged.  If you are
+unsure and can't currently check, you should select either accept once
+or reject once.
+.
 
 .gpgsm.root-cert-not-trusted
 # This text gets displayed by the audit log if

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git