Keyservers and the future

Bill Thompson Billt at
Fri May 20 03:08:01 CEST 2005

On Thu, 19 May 2005 18:29:30 -0400
Radu Hociung <radu.gpg at> wrote:

> The object of trust, however, is a key. Without a key there isn't much
> to be trusted. The question is ... is the PGP architecture suited to a
> load of hundreds of millions of keys, or even billions?
> Are CA's and X509 certificates better equipped to handle the load?

I think that the PGP "web of trust" may be better suited to this that
X509/CA's due to the fact that many signatures can be added to one key.

In the CA model, there is one authority that all certificates refer to. In
the PGP model, a single key can be signed by several local authorities, one
of which should be close enough to the key owner for them to trust the

I know that the next step in the argument is how can you trust the chain?
If I sign Alice's key, and she signs Bob's key, does that mean I now trust
everything signed by Bob?

Due to the way trust is established with PGP, this is not necessarily so.
Each key can be assigned a level of trust, so that I can designate Alice's
as fully trusted, and validate Bob's key, but I can set my trust
preference for Bob at a lower level so that I do not automatically trust a
key he has signed.

This is quite a bit of work for the end user and would probably lead to
people trusting a key that they shouldn't, but that is where we are now
with CA's. At least with the PGP model, the user can personally validate
sections of the trust chain and has some control over the degree of trust
they put into sections of the chain they have not personally valdated,
unlike the single authority x509/CA model.

Bill Thompson
BillT at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050519/fe394793/attachment.pgp

More information about the Gnupg-users mailing list