the "pgp" trust model: the relationship between classic ownertrust designation and trust signatures
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat May 2 17:02:07 CEST 2009
On 05/02/2009 10:41 AM, David Shaw wrote:
> On Apr 29, 2009, at 5:29 PM, Daniel Kahn Gillmor wrote:
>> How does max-cert-depth work in the classic trust model? I'm afraid i
>> don't understand how a chain of length > 1 can exist in that model.
>> What am i missing?
> It's not really a chain in the pgp trust model sense. Take the example
> of a simple row of keys that sign the next key: Alice signs Baker who
> signs Charlie who signs David who signs Edgar who signs Gloria. Alice
> then gives full ownertrust to Baker, Charlie, David, and Edgar. End
> result is that Gloria is fully valid, *if* the max-cert-depth is deep
> enough to cover her, if not, then Edgar's signature has no effect.
Ah, i see. So it's measured from the nearest key/uid directly signed by
an ultimately-trusted key, right? In the above scenario, if Gloria was
one hop too many (i.e. if max-cert-depth was 3), were Alice to sign
Charlie's key/uid in addition to having marked the key with full
ownertrust, then Gloria's key/uid would have full calculated validity.
Do i have that right?
> It's hard to do that since the two concepts live on the opposite sides
> of the key signing "transaction". The signer picks the trust-sig
> levels, but the recipient has their own personal choice for
> max-cert-depth, and each recipient can pick a different one.
> GPG handles this by letting the signer issue signatures as if
> max-cert-depth was always infinite ("this is the validity I choose to
> grant"), but allows the recipient to trim that down to whatever they
> like ("this is what I will accept"). The default max-cert-depth is 5.
OK, i understand the reasoning here. It still seems to me like it would
usually be unreasonable for a person whose own max-cert-depth was 5 to
issue a tsig with depth > 5 (which is why i suggested a warning rather
than disabling the feature), but i see how it might come in handy in
Thanks for the explanations of these concepts, David. It's very helpful.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 890 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-devel