max-cert-depth and "chains of trust" in GPG

David Shaw dshaw at
Fri Jun 6 23:45:26 CEST 2008

On Fri, Jun 06, 2008 at 01:26:19PM -0700, bezna wrote:

> However, this does not happen in GPG. Because Alice does not have access to
> Bob's trust database (unless he exports it and gives it to her), she has no
> way of knowing who Bob trusts and to what extent. Thus, she can only rely on
> the signatures made by Bob himself to determine if a certificate is valid,
> but not Bob's trusted introducers because she has no idea who they are. 
>           A--> B--> C--> D
> Depth: 0      1     2      3
> Valid:   y      y     y      ?

Correct.  This is because Alice does not necessarily agree with Bob.
The trust decisions are personal, and while Bob might feel that
Charlie is a good signer, Alice might not.

> A workaround to this problem is for Alice to fully trust Charlie (who
> appears valid to her because of Bob's signature) as an introducer, thereby
> validating Dale's certificate through him. Note that Alice doesn't need to
> sign Dale's certificate herself to do this.


> So for Alice to be able to validate a certificate through someone else's
> signature, she has to personally trust that someone else; the trust can't
> transfer through an intermediate. 

Yes.  The "classic" trust model requires personal trust.

> Ok, now, after all this, which I hope you understood, come the questions. Am
> I understanding this correctly?


> What does the max-cert-depth parameter refer to? Is that the depth of the
> "chain of signatures"? 


> And lastly, how do all these sites and applications that trace a path
> between your certificate and another person's certificate work? Based on
> tracing signatures alone?

Just signatures.

> Is it possible to export your trust database to these servers so
> they will aggregate it into one and take trust as well as signatures
> into account in determining validity down a chain?

No.  As I noted above, the trust database is very dependent on the
owner - or put another way, why should you believe my trust database
is correct?

> Is there anything out there that incorporates real chains of trust of some
> substantial length?

Yes, there is.  There is a different method of signing that does
basically what you are looking for here - try a "tsign" (for "trust
signature").  A trust signature does the same thing as a regular
signature, but also contains the trust information that would have
been put in the database.  Essentially, it allows you to issue a
signature that says "I verified the key belongs to her, and I also
trust her to make signatures on my behalf".

for some examples on how to use it.


More information about the Gnupg-users mailing list