the "pgp" trust model: the relationship between classic ownertrust designation and trust signatures
David Shaw
dshaw at jabberwocky.com
Wed Apr 29 22:36:07 CEST 2009
On Apr 29, 2009, at 2:35 PM, Daniel Kahn Gillmor wrote:
> I'm a bit confused by the implementation of trust signatures and their
> relationship to classic ownertrust.
>
> With current implementations of gpg and gpg2, it looks like classic
> ownertrust designation is equivalent to a level 1 local (non-exportable)
> trust signature. Is this correct?
>
> For some reason, I had been assuming that under the "pgp" trust model,
> classic ownertrust designation would be equivalent to a level ∞ local
> trust signature.
A classic signature is exactly equivalent to a level 0 trust
signature. It means (more or less) "I assert this user ID matches the
right human". A classic signature + setting ownertrust (i.e. "I
assert this user ID matches the right human and I also trust them to
make good key signatures"), as you've noted, is effectively a level 1
non-exportable signature, which makes the same statement in a slightly
different way.
Classic ownertrust cannot be an infinite level of validity - that
would imply that if Alice (owner)trusts Baker, she would find that
Zenobia (many hops away from Baker) is valid even though she has no
ownertrust set for Charlie, David, Egbert, Frankie, George, etc, etc.
> Alice has certified Bob's key/uid, and grants Bob full ownertrust
> directly (not via a trust signature).
>
> Bob has certified Carol's key/uid with a level 1 trust signature, full
> trust (value 120)
>
> Carol has certified David's key/uid.
> -----------
>
> (the attached tarball contains 4 GNUPGHOMEs that I believe are described
> by the above)
>
> Both gpg and gpg2 seem to claim undefined uid validity for David from
> Alice's perspective:
>
>> 0 wt215 at pip:~/trustsigs$ GNUPGHOME=alice gpg --trust-model pgp --check-sigs --list-options show-uid-validity
>> alice/pubring.gpg
>> -----------------
>> pub 1024R/CC10A80E 2009-04-29 [expires: 2009-05-06]
>> uid [ultimate] alice (DO NOT USE -- TESTING)
>> sig!3 CC10A80E 2009-04-29 alice (DO NOT USE -- TESTING)
>>
>> pub 1024R/23CF8068 2009-04-29 [expires: 2009-05-06]
>> uid [ full ] bob (DO NOT USE -- TESTING)
>> sig!3 23CF8068 2009-04-29 bob (DO NOT USE -- TESTING)
>> sig! CC10A80E 2009-04-29 alice (DO NOT USE -- TESTING)
>>
>> pub 1024R/F4A06F8A 2009-04-29 [expires: 2009-05-06]
>> uid [ full ] carol (DO NOT USE -- TESTING)
>> sig!3 F4A06F8A 2009-04-29 carol (DO NOT USE -- TESTING)
>> sig! 1 23CF8068 2009-04-29 bob (DO NOT USE -- TESTING)
>>
>> pub 1024R/8B4A0C91 2009-04-29 [expires: 2009-05-06]
>> uid [ undef ] david (DO NOT USE -- TESTING)
>> sig!3 8B4A0C91 2009-04-29 david (DO NOT USE -- TESTING)
>> sig! F4A06F8A 2009-04-29 carol (DO NOT USE -- TESTING)
>>
>> 0 wt215 at pip:~/trustsigs$
>
> My old reasoning was: shouldn't Alice see David as "full" instead of
> "undef", since she fully trusts Bob's certifications, and Bob says that
> Carol is a trusted introducer?
Carol is a trusted introducer to Bob, not to Alice. If Alice signed
Bob with a level 2 or above signature (thus granting Bob meta-introducer
status, i.e. an introducer of trusted introducers), then David should be
fully valid to Alice.
David
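The depth arithmetic behind both answers above can be checked with a small model. The following is an added example, not GnuPG's code and not part of the original thread: it treats a trust signature of level n on a key as "this key may act as an introducer for n further hops", caps each hop at the signer's remaining depth minus one, and (following the equivalence stated in the reply) models Alice's classic signature plus full ownertrust on Bob as a level-1 trust signature. It ignores marginals, signature verification, expiry and revocation. The key names, the `dkg_scenario`/`long_chain` helpers and the unbounded-level trust signatures in the chain are constructed for the illustration.

```python
"""Toy model of trust-signature depth propagation in the GnuPG "pgp"
trust model.  Constructed example: not GnuPG's own implementation."""

INF = float("inf")  # the owner's own key has unbounded introducer depth


def compute_validity(owner, certs):
    """certs: list of (signer, target, level).  level 0 is a classic
    certification; level >= 1 is a trust signature of that level.
    Returns {key: 'ultimate' | 'full' | 'undef'} for every key mentioned.

    A key whose depth is >= 1 is a trusted introducer: its certifications
    make their targets valid, and a target's own depth is capped both by
    the level of the signature it received and by signer_depth - 1."""
    keys = {owner} | {k for cert in certs for k in cert[:2]}
    depth = {owner: INF}
    changed = True
    while changed:  # fixed point: depths only ever increase, so this ends
        changed = False
        for signer, target, level in certs:
            signer_depth = depth.get(signer, -1)
            if signer_depth < 1:
                continue  # valid-but-not-introducer (depth 0) or unknown
            new_depth = min(signer_depth - 1, level)
            if new_depth > depth.get(target, -1):
                depth[target] = new_depth
                changed = True
    result = {}
    for k in keys:
        if k == owner:
            result[k] = "ultimate"
        elif k in depth:
            result[k] = "full"      # depth 0 still means the UID is valid
        else:
            result[k] = "undef"
    return result


def dkg_scenario(alice_level_on_bob):
    """The four-key setup from the quoted mail.  Alice's classic signature
    plus full ownertrust on Bob is modelled as a level-1 trust signature;
    pass 2 to see the 'meta-introducer' case from the reply."""
    certs = [
        ("alice", "bob", alice_level_on_bob),
        ("bob", "carol", 1),     # Bob: level-1 tsig on Carol
        ("carol", "david", 0),   # Carol: classic certification of David
    ]
    return compute_validity("alice", certs)


def long_chain(ownertrust_level):
    """Why ownertrust cannot be level infinity (constructed chain): every
    member after Baker hands the next one an unbounded trust signature.
    With level 1 on Baker only Charlie becomes valid; with INF the whole
    chain down to Zenobia does, without Alice ever rating anyone else."""
    names = ["alice", "baker", "charlie", "david", "egbert",
             "frankie", "george", "zenobia"]
    certs = [("alice", "baker", ownertrust_level)]
    certs += [(names[i], names[i + 1], INF) for i in range(1, len(names) - 1)]
    return compute_validity("alice", certs)


if __name__ == "__main__":
    for level in (1, 2):
        print(f"Alice -> Bob at level {level}:", dkg_scenario(level))
    for level in (1, INF):
        print(f"chain with ownertrust level {level}:", long_chain(level))
```

With level 1 on Bob the model reproduces the listing above (Bob and Carol full, David undef); with level 2 David becomes full, which is the change the reply recommends.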