trust calculations (was Re: Robot CA at

David Shaw
Tue Dec 10 04:00:01 2002

On Mon, Dec 09, 2002 at 02:41:37PM -0500, Jason Harris wrote:

> Assigning trust values to certain _signatures_ needs to be possible as
> well.  0x10 signatures that are really persona signatures (think Thawte
> Freemail keys/certifications) could then be properly handled.  Signatures
> made by someone at a keysigning one has knowledge of might also be
> trusted more than those made under unknown circumstances.  Also,
> signing habits/policies and policy URLs need to be taken into account.
> Someone's check of a photo ID resulting in a 0x12 signature might be the
> next person's equivalent of a 0x13 signature.

This sounds neat in theory, but that would mean a massively
complicated trust system.  How many people would seriously use it
(actually enter in stuff like "for user X, if they make a 0x11 that
means this, and a 0x12 means that, but a 0x12 on a photo ID means this
other thing... except for that one signature on key Y, which

It's just not possible in a sane system to give a different arbitrary
trust level to arbitrary signatures.

However, if you seriously want to do this, GnuPG 1.3.x will have
(soon) a "direct" trust model where you can set the validity of any
key directly and GnuPG will use it.  With that trust model you can
write any program or script to spit out a complete trustdb that makes
you happy and GnuPG will follow it.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson