trust problem
Ingo Klöcker
ingo.kloecker at epost.de
Thu Jan 1 13:51:08 CET 2004
On Wednesday 31 December 2003 01:41, David Shaw wrote:
> The "PGP" model is the one based on Maurer. The idea is that each
> signature has a numeric value embedded in it, and validity is a
> function of that value. So if A signs a user ID on B with 100
> points, and A is fully valid, then B has 100 points. B can then sign
> a user ID on C, but can only use 100 points to do it (if B signs with
> 200 points, C only gets 100 of them). By convention, 60 points is
> equivalent to the classic trust model's "partial trust", and 120
> points is equivalent to "full trust". The signature can also have
> the number of levels the points may travel, and a regular expression
> to match user IDs on which the points may travel. Thus you can make
> signatures that say such things as "I sign B's user ID, but I only
> trust B enough to make people partially trusted and only for people
> at aol.com. All trust must stop after 2 hops.".
I guess everything after the "[...], but" is not incorporated into the
signature but is part of the local trust database. Correct? Now I
wonder how I can specify "I only trust B enough to make people
partially trusted and only for people at aol.com". Is it correct that
the first part "partially trusted" can be achieved by assigning
"marginal trust" to a key owner (gpg --edit-key trust)? How can I
assign a regexp?
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
Url : /pipermail/attachments/20040101/37510308/attachment.bin
More information about the Gnupg-users
mailing list