Robot CA at

David Shaw
Sun Dec 8 23:32:03 2002

On Sun, Dec 08, 2002 at 01:24:18PM -0600, Kyle Hasselbacher wrote:

> >If a robot CA must be done, and I do see some limited benefits to it,
> >it must not become a free pass into the web of trust strong set.  That
> >hurts all of the users of OpenPGP.
> I think including more people in the web of trust is a good thing.  Part of
> my motivation for creating this is that I saw so many keys which I thought
> were good but which had no solid trustworthy connection to anything.  The
> reason they had no connection is that making the connection is hard.  I
> WANT to lower the barrier of entry.
> I agree that it's sort of a "back door" into the web, and the unwary may
> place too much faith in a path that is really weak, but the path is clearly
> marked.  I think part of the problem is that WoT implementations treat all
> classes of signatures the same--that is, the robot's lame "persona"
> signature is just as strong as signatures made with a personal meeting.
> Everyone is either in the web or out.  It doesn't allow for the "half-way
> in" kind of trust the robot provides.

You see, here I disagree with you.  The system you are trying to put
into place does not in any way depend on other people signing the
robot's key.

Any person who wants to use the robot's signatures must download the
robot's key and assign it (local) trust.  Signatures on the robot's
key are meaningless in this configuration.

However, having random people sign the robot's key - which allows
people to gain trust *through* the robot does nothing but harm the web
of trust for no real benefit.  Since the robot works perfectly well
without collecting signatures on its own key, those signatures should
be discouraged.

> It's easy in this case simply not to trust the robot's signatures.
> However, what if a person starts giving out signatures of different types
> (this already happens)?  I can understand not wanting to trust the persona
> signatures, but they're also producing sigs made with real verification.
> If you cut out ALL of that person's signatures, you're eliminating people
> from the web unnecessarily.  There needs to be a way to say that "Alice's
> signatures are good unless they're personas."

It is not an issue of trusting certain types of signatures.  If
someone wants to trust the robot and use its signatures, they can.
Signing the robot's key gives it more power than intended, and does
impact the web of trust exactly as if someone just signed every key
that came along.  Why harm the web of trust, especially since your
plan works equally well without harming it?


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson