ultimate trust
Nicholas Cole
npcole at yahoo.co.uk
Tue Jan 6 11:37:54 CET 2004
Happy new year all.
I know that this has been discussed a little before,
but I think it is worth looking at again.
PGP / GPG as always been cursed by the word "trust",
because there are two ways in which gpg needs to trust
a key: firstly to be the key it claims to be (ie
validity), and secondly as an introducer of other
keys. For the most part, these two are clearly
separated but I wonder if the "trust" menu of the
--edit-key option in more recent versions of gpg needs
a rethink.
A user is offered the chance to set how much he or she
"trusts" a key. There is no clue to the user that
options 1-4 relate to trusting a key to introduce
others, whereas option 5 (ultimate trust) will mean
that gpg trusts the key in the
is-trusted-to-be-what-it-claims sense.
That is, setting 1-4 have no effect on whether or not,
say, a given signature made by the key is trusted:
even a "fully trusted" key is considered "invalid"
without trusted introducers, while a key marked as not
trusted may be considered perfectly valid. On the
other hand, setting ultimate trust suddenly makes a
huge difference.
I understand the reasons why setting "ultimate trust"
may be a good thing in some settings, but perhaps I
could suggest it is moved to a seseparate option -
"mark-ultimate-trust" perhaps? - and even made an
"expert" option only.
At the very least, in my view, there ought to be a
clear help text to note that options 1-4 are about
trusting introducers, and option 5 is about something
else.
Not sure if this is really a devel or user issue, so
apologies for the x-post.
Best wishes,
N.
________________________________________________________________________
Yahoo! Messenger - Communicate instantly..."Ping"
your friends today! Download Messenger Now
http://uk.messenger.yahoo.com/download/index.html
More information about the Gnupg-users
mailing list