Why CAs or public keysigning?
Eugene Smiley
eugene@esmiley.net
Wed Jun 18 18:29:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CL Gilbert wrote:
>> Your are mixing your analogies. A "weakest link" refers to a
>> chain, not a web. A chain is only as strong as its weakest =
link,
>> but a web is as strong as its strongest strand or "link". If=
I
>> have what I consider a strong link between myself and (for
>> example) Werner Koch, then the number of other paths (or =
links)
>> between him and myself are irrelevant. If someone has
>> intentionally tried to corrupt the Web of Trust, you can snip
>> that person and all their connections out of the web and =
still
>> have a coherent whole. The power of the WoT lies in the fact
>> that it is a web, and not a chain, and thus every node has
>> multiple overlapping connections. Remember that the =
"strength"
>> of the Web of Trust refers to its degree of =
interconnectedness,
>> and not to the number of people inside of it. That is why
>> keysignings are important: they strengthen the Web of Trust.
>
> I am not mixing analogies. The connection you have to your
> target is only as strong as its weakest link. Maybe you have
> several paths, but each one is no stronger that its weakest =
link.
I think you are confused.
A - B
A - C - B
A - C - D - B
A - B is the strong link. A - C - D - B is the weak link. If D =
is removed it has zero effect on the strong link or the =
validity of B. The connection is as strong as it's strongest =
link A - B.
Now it could be more complicated than that, but it would still =
be true.
A - X - Y - Z - B Strongest
A - X - Y - Z - C - B
A - X - Y - Z - C - D - B Weakest
Take out D and the strongest link is still the strongest link. =
The connection is as strong as it's strongest link A - X - Y - =
Z - B.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - GPGrelay v0.92
iD8DBQE+8JOT6QPtAqft/S8RAq6FAKDIxW2CgI8m0QcawPUlRxcrr7zYXgCgoApN
9e3OEQcRBQ7ZyqEeRNNNReo=3D
=3DMFjQ
-----END PGP SIGNATURE-----