Using the OTR plugin with Pidgin for verifying GPG public key fingerprints
kloecker at kde.org
Sat Mar 13 13:51:47 CET 2010
On Saturday 13 March 2010, erythrocyte wrote:
> On Sat, Mar 13, 2010 at 1:14 PM, Robert J. Hansen
<rjh at sixdemonbag.org>wrote:
> > Even then — so what? Let's say the Type II rate is 25%. That's a
> > very high Type II rate; most people would think that failing to
> > recognize one set of fake IDs per four is a really bad error rate.
> > Yet, if you're at a keysigning party where there are five people
> > independently applying a 25%-faulty test, the likelihood of
> > accepting a fake ID is under 1%.
> It really depends on how you're calculating combined probability. If
> you take an example of 4 individuals at a keysigning party,
> The combined probability that all individuals would accept a fake ID
> would be 1/4 * 1/4 * 1/4 * 1/4 = 0.00390625 .
> However, the combined probability that at least one of the encounters
> would result in accepting a fake ID would be 1/4 + 1/4 + 1/4 + 1/4
> = 1 .
> Please do correct me if I've made a mistake. I'm not a math guru by
> any means.
Sorry, but your calculation is wrong. If the calculation was correct
then with 5 encounters the probability would be 1.25 which is an
impossibility. Probability is never negative and never > 1. (People say
all the time that they are 110 % sure that something will happen, but
mathematically that's complete nonsense.)
The probability that the fake ID is rejected by all individuals is
(1 - 1/4)^4.
Consequently, the probability that the fake ID is not rejected by all
individuals (i.e. it is accepted at least by one individual) is
1 - (1 - 1/4)^4.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users