How to change trust model

David Shaw dshaw at jabberwocky.com
Wed May 11 03:00:15 CEST 2005


On Wed, May 11, 2005 at 02:22:28AM +0200, Per Tunedal Casual wrote:
> At 00:21 2005-05-11, David Shaw wrote:
>  >On Wed, May 11, 2005 at 12:16:03AM +0200, Per Tunedal Casual wrote:
>  >
>  >> Scenario:
>  >> A new user has to quickly download keys to his contacts. The keys
>  >> are signed by a mutually trusted CA.
>  >> How can he get valid keys to use trusting the CA, rather than
>  >> having to check and sign each of them?
>  >
>  >You don't need trust signatures or any special trust models for this.
>  >If you trust the CA, sign the CA key.  If the CA has signed your
>  >contacts, then you're done.  The contact keys are now valid.
>  >
>  >David
>  >
> Yes, David, you are right. I want a bit more.
> 
> Some contacts may not be directly signed by the CA, then the trust
> model will be important, I suppose. How can the signature of the CA be
> useful as far down the tree as possible?
> 
> Can you please explain the PGP-model and how to issue trust signatures
> (tsign), with the implications for the validity of keys.

First, read this:

http://download.cryptoex.com/documents/whitepaper/cex2003-pgp-in-unternehmen-en/Tech%20White%20Paper%202002%20-%20Using%20OpenPGP%20in%20Corporations.pdf

It's a very good explanation of trust signature concepts.

How they are used specifically in GnuPG is via the 'tsign' command.
tsign is just like sign (or lsign) except that you are asked a few
more questions by GnuPG.  Think of tsign as a combination of a regular
signature plus the ownertrust.  This combines two different things
from the classic trust model into one signature.

First you are asked:

   Please decide how far you trust this user to correctly verify other
   users' keys (by looking at passports, checking fingerprints from
   different sources, etc.)

     1 = I trust marginally
     2 = I trust fully

This is similar to the question you get asked when setting ownertrust.
What GnuPG is asking is not how much you trust the user, but how much
you trust the user to make good signatures.

The next question is:

   Please enter the depth of this trust signature.
   A depth greater than 1 allows the key you are signing to make
   trust signatures on your behalf.

The signature depth is how many levels "deep" can the power granted by
this signature travel.  For example, a level of 1 means that the key
you sign is valid for you (just like a regular signature), but also
that the ownertrust for this key is automatically set to MARGINAL or
FULL (depending on how you answered the first question).  A level of 2
means that the key you sign is valid for you, and the ownertrust is
automatically set, AND (assuming the trust made it to FULL) that this
key can issue signatures up to level 1 on your behalf.  A level of 3
means all that, plus the key can issue signatures up to level 2, etc.

You can think of a regular signature as a trust signature with a depth
of 0.

The next question:

   Please enter a domain to restrict this signature, or enter for none.

This allows you to restrict (by domain name) the power of the
signature.  For example, let's say that you wanted to make a level 2
signature on a CA key for a particular company.  You should be careful
with making any level above 1, so you want to restrict this to that
company.  By giving a restriction of companyname.com here, only
signatures issued by the CA key on keys in companyname.com will take
effect.

That's pretty much it.  If you think about it, tsign is not generally
useful outside of hierarchical environments with CAs.  Some people are
in hierarchical environments though, and this lets them interoperate.

Incidentally, you can combine tsign with any of the other signing
types (lsign, nrsign) in any combination you like: ltsign is a local
trust signature, nrltsign is a nonrevocable local trust signature,
etc.

David
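As an added illustration (not part of the original mail, and not GnuPG's own trustdb code), the following Python model walks through the rules David describes: a regular signature is a depth-0 trust signature, a tsign of depth d grants the signee MARGINAL or FULL ownertrust and lets it delegate up to depth d-1, and a domain restriction limits whose keys the signee's signatures count on. The key ring, the key names and e-mail addresses, the GnuPG default thresholds (1 FULL or 3 MARGINAL signers), and the simplifications noted in the docstring (trust capped at the delegator's level, inherited domain restriction) are all assumptions made for the example.

```python
"""Toy model of OpenPGP trust-signature (tsign) validity propagation.

Constructed example for illustration; NOT GnuPG's trustdb code.
Rules modelled, following the mail above:
  * regular signature = tsign of depth 0: validity only;
  * tsign of depth d >= 1 also sets the signee's ownertrust (MARGINAL/FULL)
    and lets it issue tsigns up to depth d-1 on the owner's behalf;
  * a domain restriction means the signee's signatures only count on
    keys whose mail domain matches.
Assumptions: GnuPG default thresholds (1 FULL or 3 MARGINAL signers); a
delegatee's trust is capped at the delegator's; a delegatee with no
restriction of its own inherits the delegator's domain restriction.
"""
from dataclasses import dataclass, field

MARGINAL, FULL = 1, 2
COMPLETES_NEEDED, MARGINALS_NEEDED = 1, 3   # GnuPG defaults (assumed here)


@dataclass(frozen=True)
class Sig:
    signer: str        # key id of the signing key
    signee: str        # key id of the signed key
    depth: int = 0     # 0 = ordinary certification, >= 1 = tsign
    level: int = 0     # MARGINAL or FULL (only meaningful for depth >= 1)
    domain: str = ""   # e.g. "companyname.com"; empty = unrestricted


@dataclass
class Key:
    kid: str
    email: str
    sigs: list = field(default_factory=list)   # signatures ON this key


def in_domain(email: str, domain: str) -> bool:
    """True if email's host is `domain` or a subdomain of it, or no restriction."""
    if not domain:
        return True
    host = email.rsplit("@", 1)[-1].lower()
    return host == domain.lower() or host.endswith("." + domain.lower())


def compute_validity(keys: dict, owner: str, max_depth: int = 5) -> dict:
    """Return {kid: is_valid} for the owner's key ring.

    trusters maps a key id to (level, remaining_depth, domain) for keys whose
    signatures currently carry weight; the owner is ultimate and unrestricted.
    """
    trusters = {owner: (FULL, max_depth, "")}
    valid = {owner}
    for _ in range(max_depth + 1):          # repeat until nothing changes
        changed = False
        for key in keys.values():
            if key.kid in valid:
                continue
            full = marginal = 0
            granted = []                    # ownertrust this key would inherit
            for s in key.sigs:
                if s.signer not in trusters:
                    continue
                lvl, remaining, dom = trusters[s.signer]
                if not in_domain(key.email, dom):
                    continue                # outside the signer's restriction
                if lvl == FULL:
                    full += 1
                else:
                    marginal += 1
                if s.depth >= 1 and remaining >= 1:
                    granted.append((min(s.level, lvl),
                                    min(s.depth, remaining) - 1,
                                    s.domain or dom))
            if full >= COMPLETES_NEEDED or marginal >= MARGINALS_NEEDED:
                valid.add(key.kid)
                changed = True
                if granted:
                    trusters[key.kid] = max(granted)   # strongest grant wins
        if not changed:
            break
    return {kid: kid in valid for kid in keys}


def build_scenario(ca_depth: int = 2) -> dict:
    """Constructed key ring: alice tsigns a company CA, restricted to its domain."""
    keys = {k.kid: k for k in [
        Key("alice", "alice@home.example"), Key("ca", "ca@companyname.com"),
        Key("bob", "bob@companyname.com"), Key("subca", "hr-ca@companyname.com"),
        Key("carol", "carol@companyname.com"), Key("dave", "dave@companyname.com"),
        Key("eve", "eve@companyname.com"), Key("mallory", "mallory@elsewhere.org"),
    ]}

    def sign(signer, signee, depth=0, level=0, domain=""):
        keys[signee].sigs.append(Sig(signer, signee, depth, level, domain))

    sign("alice", "ca", depth=ca_depth, level=FULL, domain="companyname.com")
    sign("ca", "bob")                            # direct CA certification
    sign("ca", "mallory")                        # outside companyname.com
    sign("ca", "subca", depth=1, level=FULL)     # one level of delegation
    sign("subca", "carol")
    sign("subca", "dave", depth=1, level=FULL)   # depth exhausted: no delegation
    sign("dave", "eve")
    return keys


if __name__ == "__main__":
    for depth in (0, 1, 2):
        print(f"CA tsign depth {depth}:", compute_validity(build_scenario(depth), "alice"))
```

Running it shows the three cases from the mail side by side: with depth 0 only the CA key itself becomes valid (the classic model, where you would still have to set ownertrust by hand); with depth 1 the CA's direct certifications count but its sub-CA cannot delegate further; with depth 2 the sub-CA's certifications count too, while mallory's key stays invalid because it falls outside the companyname.com restriction. In real GnuPG the equivalent recomputation happens in the trust database (for example after `gpg --check-trustdb`), and the restriction is stored as a regular expression matched against user IDs rather than a plain domain string.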
