[gnupg] trustdb problems, con't
roessler at guug.de
Wed Jan 27 12:36:51 CET 1999
I have already been talking about the fact that "validity" is a
concept which is defined on (pubkey, user-id) pairs. Gnupg
calculates "validity" as a function of the pubkey alone. This is
worse than just a user interface problem.
In collect_paths(), this is done by looping over all user ID records
on a key and counting the number of fully or marginally trusted
certificates. Note that this counting is done on a per-key basis,
not per user ID. 
To see why this is wrong, assume we have four marginally trusted
introducers named ca_1, ..., ca_4 and a user. Assume that this user
has e-mail addresses a_1 to a_4 and a public key p, and that ca_k
has certified the associatioin (p, a_k) for k = 1, ..., 4. Let
marginals_needed be set to the default value of 3.
With PGP, we get four IDs with marginal validity, and the key won't
be used as an "introducer" - which is safe . With gnupg, we get
a key with four marginally trusted certificates which lead to full
validity of the key. It will be used as an introducer, just like a
key which has a fully certified user ID. This is obviously wrong.
 There is another issue here: I'm not sure whether fully trusted
signatures should be counted as marginals, too. Counting the
various signature types separately and checking if
full_count/full_needed + marginal_count/marginals_needed >= 1
may be better. Equivalent: full_count * marginals_needed +
marginal_count * full_needed >= marginals_needed * full_needed.
 Though debatable. One may wish to use the validity of a key
(which will be something like the maximum user ID validity) as
some kind of weight for the owner's trust. For a clean approach
to the web of trust, including recommendations, see Maurer's
paper "Modelling a public key infrastructure". (Thanks to gec
for telling me about it.) Note that OpenPGP [RFC2440] actually
defines recommendation packets. They are called "trust
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!
More information about the Gnupg-devel