gpg certificate authorities

[Huels, Ralf SCORE]

> OpenPGP for example allows such a situation: I am a Thawte WOT notary =
so I
> trust their signing key. I set this key to have high (or even =
ultimate
> trust). Other people who also trust the key may set this similarly. =
But
> there's no way to enforce the setting.

That precisely is the point. Enforcing that setting would be beneficial
to trust center revenue. Thus (some people argue), X.509 is more =
popular=20
with the established TCs than OpenPGP.=20

Sure, I can implement a hierarchical PKI using OpenPGP but, as you say,
it is not mandatory, while with X.509 it generally is.=20

Tsch=FC=DF,
Ralf