the "pgp" trust model: the relationship between classic ownertrust designation and trust signatures

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 29 20:35:27 CEST 2009


Hey folks--

I'm a bit confused by the implementation of trust signatures and their
relationship to classic ownertrust.

With current implementations of gpg and gpg2, it looks like classic
ownertrust designation is equivalent to a level 1 local (non-exportable)
trust signature.  Is this correct?

For some reason, I had been assuming that under the "pgp" trust model,
classic ownertrust designation would be equivalent to a level ∞ local
trust signature.


Can you help de-confuse me?


Here's the scenario that uncovered this:

-----------
Alice has certified Bob's key/uid, and grants Bob full ownertrust
directly (not via a trust signature).

Bob has certified Carol's key/uid with a level 1 trust signature, full
trust (value 120).

Carol has certified David's key/uid.
-----------

(the attached tarball contains 4 GNUPGHOMEs that I believe are described
by the above)

Both gpg and gpg2 seem to claim undefined uid validity for David from
Alice's perspective:

> 0 wt215 at pip:~/trustsigs$ GNUPGHOME=alice gpg  --trust-model pgp --check-sigs  --list-options show-uid-validity
> alice/pubring.gpg
> -----------------
> pub   1024R/CC10A80E 2009-04-29 [expires: 2009-05-06]
> uid       [ultimate] alice (DO NOT USE -- TESTING)
> sig!3        CC10A80E 2009-04-29  alice (DO NOT USE -- TESTING)
> 
> pub   1024R/23CF8068 2009-04-29 [expires: 2009-05-06]
> uid       [  full  ] bob (DO NOT USE -- TESTING)
> sig!3        23CF8068 2009-04-29  bob (DO NOT USE -- TESTING)
> sig!         CC10A80E 2009-04-29  alice (DO NOT USE -- TESTING)
> 
> pub   1024R/F4A06F8A 2009-04-29 [expires: 2009-05-06]
> uid       [  full  ] carol (DO NOT USE -- TESTING)
> sig!3        F4A06F8A 2009-04-29  carol (DO NOT USE -- TESTING)
> sig!       1 23CF8068 2009-04-29  bob (DO NOT USE -- TESTING)
> 
> pub   1024R/8B4A0C91 2009-04-29 [expires: 2009-05-06]
> uid       [  undef ] david (DO NOT USE -- TESTING)
> sig!3        8B4A0C91 2009-04-29  david (DO NOT USE -- TESTING)
> sig!         F4A06F8A 2009-04-29  carol (DO NOT USE -- TESTING)
> 
> 0 wt215 at pip:~/trustsigs$ 

My old reasoning was: shouldn't Alice see David as "full" instead of
"undef", since she fully trusts Bob's certifications, and Bob says that
Carol is a trusted introducer?

Is there an obvious (or not-so-obvious) rejoinder to that question that
makes sense given the current implementation?

Thanks for helping me understand this better.

	--dkg

[0] http://tools.ietf.org/html/rfc4880#section-5.2.3.13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trustsigs.tgz
Type: application/x-gtar
Size: 6853 bytes
Desc: not available
URL: </pipermail/attachments/20090429/89bb7ca2/attachment.tgz>
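
The two readings of classic ownertrust compared in the message above, worked through on its Alice/Bob/Carol/David scenario. This is an added example, not part of the original post and not GnuPG's trustdb code: it is a toy model of the trust-signature levels in RFC 4880 section 5.2.3.13, and the function name, the depth rule and the simplifications (full trust only, no marginals, trust amounts, regexes or expiry) are assumptions.

```python
import math

# Constructed from the scenario in the message: (signer, signee, trust-sig level).
# Level 0 is a plain certification; level 1 marks the signee as a trusted introducer.
CERTS = [
    ("alice", "bob", 0),
    ("bob", "carol", 1),
    ("carol", "david", 0),
]
KEYS = ("alice", "bob", "carol", "david")


def uid_validity(ownertrust_level, root="alice", trusted="bob", certs=CERTS):
    """Return each key's validity from root's perspective (toy model).

    ownertrust_level is the trust-signature level that root's classic
    ownertrust on `trusted` is assumed to be equivalent to.
    depth[k] is how many hops of delegation key k may still perform:
      depth >= 1: k's certifications make the signee valid
      depth >= 2: k's trust signatures also make the signee an introducer
    """
    depth = {root: math.inf, trusted: ownertrust_level}
    valid = {root: "ultimate"}
    changed = True
    while changed:  # iterate to a fixed point so cert order does not matter
        changed = False
        for signer, signee, level in certs:
            d = depth.get(signer, 0)
            # Only a valid key that is also an introducer confers validity.
            if signer not in valid or d < 1:
                continue
            if signee not in valid:
                valid[signee] = "full"
                changed = True
            # A trust signature delegates at most `level` hops, and never
            # more than the signer has left after spending one.
            granted = min(level, d - 1)
            if granted > depth.get(signee, 0):
                depth[signee] = granted
                changed = True
    return {k: valid.get(k, "undef") for k in KEYS}


if __name__ == "__main__":
    for label, lvl in (("level 1", 1), ("level inf", math.inf)):
        print(f"ownertrust as {label}: {uid_validity(lvl)}")
```

With ownertrust modelled as level 1, the model gives the same validity column as the `--check-sigs` listing in the message (Carol full, David undef); modelled as level ∞, David comes out full.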