Different uids with different trusts?
Thu Sep 11 20:58:04 2003
On Thu, Sep 11, 2003 at 08:45:57PM +0200, Ronald Friedrichs wrote:
> --- David Shaw <firstname.lastname@example.org> wrote:
> > On Thu, Sep 11, 2003 at 06:40:07PM +0200, Ronald
> > > Why is this so? Person A has self-signatures on
> > > his uids and the key of A is signed by B,
> > > so why is the second uid not trusted?
> > It shouldn't be trusted. B signed foo@a, not bar@a.
> > They're not the same, even though they may reside on
> > the same key.
> Ok, but let's say B sets the owner-trust of A to
> "full". This means B trusts A to sign only uids which
> are correct. But then, B automatically has to accept
> bar@a as valid, because this uid is (self-)signed by
> A. (?!)
It doesn't work that way. Self-signatures do not count in the web of
> > This prevents
> > (among other things) this attack:
> > 1) Trent creates a key, and gets it signed by
> > Charlie.
> > 2) Baker trusts Charlie, so therefore believes that
> > Trent's key is valid.
> > 3) Trent then adds a new user ID "Alice".
> > 4) Baker wants to encrypt to "Alice", but which key
> > to use? They both appear valid.
> With full owner-trust in Trent, they are indeed both
> valid for Baker. (Or, if Baker trusts Trent more than
> Alice, the key of Trent is even more valid.) And I
> would consider this the right behaviour with such an
> owner-trust setting -- but gpg doesn't.
Neither does PGP, because that's just not how the web of trust works.
If it worked the way you describe, then it would be open to trivial
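The following is an added illustration, not part of the thread and not GnuPG's or PGP's own code. It models the validity rule the two posters are arguing about with a small, deliberately simplified trust calculation (no marginal trust, no trust depth, no expiry or revocation) over a constructed keyring that mirrors the Trent/Charlie/Baker scenario quoted above. Running it with `count_self_sigs=False` reproduces the real rule (self-signatures never make a user ID valid, so Trent's "alice" user ID stays invalid even with full owner-trust in Trent); running it with `count_self_sigs=True` models the behaviour Ronald proposes and shows why two keys would then both appear valid for "alice". All key IDs and addresses are invented for the example.

```python
from dataclasses import dataclass, field

# Ownertrust levels the local user assigns to other people's keys.
ULTIMATE, FULL, UNKNOWN = "ultimate", "full", "unknown"


@dataclass
class Key:
    """A key with its user IDs and the certifications found on each one."""
    keyid: str
    # user ID -> set of key IDs whose signature is on that user ID
    uids: dict = field(default_factory=dict)

    def add_uid(self, uid, certifiers=()):
        # Every user ID carries its own key's self-signature (it binds the
        # uid to the key) plus whatever third-party certifications exist.
        self.uids[uid] = {self.keyid, *certifiers}


def compute_validity(keyring, ownertrust, count_self_sigs=False):
    """Return {(keyid, uid): bool} for every user ID in the keyring.

    keyring:    {keyid: Key}
    ownertrust: {keyid: ULTIMATE | FULL | UNKNOWN}, as set by the local user.
    count_self_sigs: False applies the real rule (a self-signature never
        contributes to validity); True models the behaviour proposed in the
        thread, where full ownertrust in a key would make its self-signed
        user IDs valid.

    Validity is a fixpoint: a uid is valid if it is certified by a key that
    is itself valid and carries full (or ultimate) ownertrust; a key is valid
    once any of its uids is valid. The local user's own (ultimately trusted)
    keys are valid by definition.
    """
    ultimate = {k for k, t in ownertrust.items() if t == ULTIMATE}
    valid_keys = set(ultimate)
    validity = {(key.keyid, uid): key.keyid in ultimate
                for key in keyring.values() for uid in key.uids}
    changed = True
    while changed:
        changed = False
        for key in keyring.values():
            for uid, certifiers in key.uids.items():
                if validity[(key.keyid, uid)]:
                    continue
                for certifier in certifiers:
                    if certifier == key.keyid and not count_self_sigs:
                        continue  # the rule David Shaw describes above
                    if certifier in valid_keys and \
                            ownertrust.get(certifier) in (FULL, ULTIMATE):
                        validity[(key.keyid, uid)] = True
                        valid_keys.add(key.keyid)
                        changed = True
                        break
    return validity


def keys_for_uid(validity, uid):
    """Key IDs on which the given user ID is valid (step 4 of the attack:
    'which key to use?')."""
    return sorted(k for (k, u), ok in validity.items() if u == uid and ok)


def example_keyring():
    """Constructed keyring for the thread's scenario (not real keys)."""
    baker = Key("baker");     baker.add_uid("baker@example.org")
    charlie = Key("charlie"); charlie.add_uid("charlie@example.org", {"baker"})
    alice = Key("alice");     alice.add_uid("alice@example.org", {"charlie"})
    trent = Key("trent")
    trent.add_uid("trent@example.org", {"charlie"})   # certified by Charlie
    trent.add_uid("alice@example.org")                # self-signed only
    keyring = {k.keyid: k for k in (baker, charlie, alice, trent)}
    # Baker is the local user; he fully trusts Charlie and (as Ronald
    # proposes) also fully trusts Trent.
    ownertrust = {"baker": ULTIMATE, "charlie": FULL,
                  "trent": FULL, "alice": UNKNOWN}
    return keyring, ownertrust


if __name__ == "__main__":
    ring, ot = example_keyring()
    for mode in (False, True):
        v = compute_validity(ring, ot, count_self_sigs=mode)
        print("count_self_sigs=%s -> keys valid for alice@example.org: %s"
              % (mode, keys_for_uid(v, "alice@example.org")))
```

Under the real rule only Alice's own key comes back for `alice@example.org`; under the proposed rule Trent's key is listed as well, which is the ambiguity in step 4 of the quoted attack.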