Questions about trust signatures
dshaw at jabberwocky.com
Mon Jun 16 23:02:12 CEST 2008
On Mon, Jun 16, 2008 at 01:14:52PM -0700, bezna wrote:
> Dear David,
> First, thank you for your reply and for the working link to the white paper.
> You have my enormous gratitude for taking the time to share your knowledge
> with me.
> David Shaw wrote:
> >> Furthermore, if Bob tsigned Carmen with a depth of 4 (for his own
> >> purposes), the chain of trust linking Eve to Alice would be broken
> >> since GPG computes certificate validity (and trust in the case of
> >> tsigns) only down paths where each next node in the path was tsigned
> >> with a lower ???depth??? than the ???depth??? of the tsign on the
> >> node before it.
> > The chain isn't broken, the depth at each step is just lowered to
> > match the perspective of the head of the chain (Alice in this case).
> > If Bob tsigns Carmen, then from Bob's perspective, that chain in the
> > link had a depth of 4. Similarly, if Roger signs Bob's key with a
> > depth of 5, then we have a new chain from Roger's perspective where
> > the Bob->Carmen link also has a depth of 4. If Roger signed Bob's key
> > with a depth of 4, then the Bob->Carmen link has a depth of 3 (as it
> > is lowered to match the maximum depth granted by Roger). If Roger
> > signed Bob's key with a depth of 50, then the Bob->Carmen link has a
> > depth of 4 (as it can't be larger than what Bob granted).
> I believe you might be mistaken on this point. I ran some trials and it
> seems that if the next trust signature in the chain has a higher depth than
> the one preceding it, it is treated just as a regular signature (depth 0)
> and the trust data contained in the signature is discarded, effectively
> breaking the chain. The next hop in the chain will have an appropriate trust
> value of "undefined", and the one following it will simply be "unknown". See
> for yourself:
Interesting. I'm going to have to go back to my notes from when I
wrote that code back in 2002, and see what I was shooting for. My
memory is that I wanted the trust depth to automatically degrade as
the chain continued. It's possible this is just a bug, or it is
possible I did it this way on purpose (PGP compatibility, maybe?)
I'll let you know what I find.
More information about the Gnupg-users