Determining the trust path to a particular key

Julian T J Midgley jtjm@xenoclast.org
Wed Oct 30 00:58:02 2002


I'm wondering if anyone has written a tool (or if gnupg itself has a means
that I've not yet discovered) to trace the complete trust path from ones'
own key to a particular key on the keyring.

Sometimes it's useful to know precisely how a particular key has come to
be marked as valid, and whilst check-sigs gives you a clue, there are
times when it would be useful to see the exact chain (without having to
perform the backtrace manually).  For example, I might want to treat a key
differently if it had been marked as valid because three marginally
trusted users had signed it (when those three users themselves were only
valid because they'd been signed by someone else who I trusted fully),
than if the key was signed directly by someone I trusted fully whose key I
had signed personally.

A '--trace-trust-path' option might produce output something like this:

mykey -> keyA(f) -> keyB(m) -+-> targetkey
mykey -> keyC(f) -> keyD(m) -+
mykey -> keyC(f) -> keyE(m) -/

Does anyone know if there is a utility to perform analysis of this
sort?  (If not, I might write one in a spare moment.)

Julian

-- 
Julian T. J. Midgley                      http://www.xenoclast.org/
Cambridge, England.                          PGP Key ID: 0xBCC7863F