g10: Don't consider cross-signed keys to be in conflict.
b410a3cb7683Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

g10: Don't consider cross-signed keys to be in conflict.

* g10/tofu.c (cross_sigs): New function.
(ask_about_binding): If apparently conflicting keys are cross signed,
then don't mark them as conflicting.

If two keys are cross signed, then the same person (probably)
controlled them both. In this case, don't raise a TOFU conflict.
This usually occurs when someone transitions to a new key. When that
person rotates to a third key, she will typically only cross sign it
with the second key. As such, we check this transitively to avoid
declaring a conflict between the 1st and 3rd key.

Signed-off-by: Neal H. Walfield <neal@g10code.com>

Details

Provenance

Neal H. Walfield <neal@g10code.com>

Authored on Sep 1 2016, 11:31 PM

Parents

rG38d369de13ac: gpg: Avoid homedir creation by --list-config

Branches

Unknown

Tags

Unknown

Event Timeline

Neal H. Walfield <neal@g10code.com> committed rGb410a3cb7683: g10: Don't consider cross-signed keys to be in conflict. (authored by Neal H. Walfield <neal@g10code.com>).Sep 1 2016, 11:32 PM

Changes (1)

Path

Size

g10/

tofu.c

rGb410a3cb7683

View Options

g10: Don't consider cross-signed keys to be in conflict.b410a3cb7683UnpublishedActions