telegraph at gmx.net
Fri Dec 2 13:10:01 CET 2005
* David Shaw <dshaw at jabberwocky.com> [30. Nov. 2005]:
> On Wed, Nov 30, 2005 at 08:11:44PM +0100, Gregor Zattler wrote:
> > * David Shaw <dshaw at jabberwocky.com> [30. Nov. 2005]:
> > > On Wed, Nov 30, 2005 at 04:29:21PM +0100, Gregor Zattler wrote:
> > > > * David Shaw <dshaw at jabberwocky.com> [28. Nov. 2005]:
> > > > > On Sat, Nov 26, 2005 at 12:56:16AM +0100, Jaap Eldering wrote:
> > > > > Yes, it is. There are a few servers that do more or less what you
> > > > > describe (for example http://www.lysator.liu.se/~jc/wotsap/). It's
> > > > > useful to see the various paths, but unless you trust each step in the
> > > > > chain, it doesn't really help you get trust in the end point.
> > > >
> > > > Doesn't it help if there are several disjunct paths? Couldn't I
> > > > say I trust a User-Id if more than n discunct paths of trust
> > > > exist from my key to the other?
> > >
> > > Yes, if you trust those disjunct paths :) A hundred disjunct paths
> > > that you don't trust don't help much.
> > Why not? The disjunct paths from my key to the target key
> > all start with keys signed by me. So all owners of this said
> > keys must be part of an conspiracy. If I met the different key
> > owners in different contextes this isn't very likely to happen.
> Unless you're talking about paths with only one hop, it doesn't work.
> The paths *start* with keys signed by you. After that, you have no
> Given these paths:
> Gregor -> Alice -> Baker -> Charlie -> David
> Gregor -> Lorina -> Mark -> Nate -> David
> Gregor -> Edith -> Frank -> George -> David
> You know (because you signed them), that Alice, Lorina, and Edith are
> valid. Lets say that you also fully trust them to make good
> signatures, so that makes Baker, Mark, and Frank fully valid as well.
> However, not knowing how well Baker, Mark, or Frank issue signatures
> stops you from making Charlie, Nate or George valid, which stops you
> in turn from making my key valid.
O.k. it's not very likely that an attacker is able to surround
all the people which keys I signed with people deliberately
signing wrong keys to trick me. OTOH I can not be certain that
Charlie, Nate and George know what they are doing when signing a
> > !? Does gpg calculate trust several hops along the trust path?
> GPG will calculate trust for 5 hops along the path, by default. You
> can tune this with --max-cert-depth.
How then is gpg able to calculate trust paths with more than one
-... --- .-. . -.. ..--.. ...-.-
More information about the Gnupg-users