hashed user IDs [was: Re: Security of the gpg private keyring?]
Robert J. Hansen
rjh at sixdemonbag.org
Sat Mar 12 21:22:06 CET 2011
On 3/12/2011 1:05 PM, MFPA wrote:
> How does the WoT idea require me to know the names or email addresses
> associated with the keys in the trust path? The text strings in User
> IDs do not feature in the trust calculation.
Yes, in fact, they do.
In my past, there's an ex-CEO whom I'll just call "Ben." Ben made some
really astonishingly bad decisions that put him in prison for eighteen
months, and left me with a permanent distrust for him. If I see Frank
has signed Ben's certificate, and I trust Frank, am I going to trust Ben?
Of course not.
Trust is not transitive. If A trusts B and B trusts C, there is no
requirement that A trusts C. In fact, if it turns out A knows C,
transitivity can break completely.
> What would not be visible (at least to people who didn't already know
> it) is the identity and email address of the certifying key's owner.
So far, you haven't produced a mechanism that will do this. We're still
at the "it would be nice if..." stage of your idea. Thus, I really
can't respond to statements of what this mechanism would or wouldn't do,
since we don't have a mechanism to analyze.
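The distinction Robert is drawing between a key being valid and its owner being trusted as an introducer can be made concrete with a small model of the classic GnuPG trust calculation. The following is an added example, not code from this thread or from GnuPG itself; it simplifies the real model to its defaults (one fully trusted or three marginally trusted certifiers, maximum certification depth 5), and the key names `alice`, `frank`, `ben` and `carol`, the `compute_validity` and `trust_path_demo` functions and the constructed certification graph are all assumptions made for illustration.

```python
"""Toy model of the classic web-of-trust validity calculation (constructed example).

Two separate quantities are tracked:
  * validity   - computed: do we believe this key belongs to its stated owner?
  * ownertrust - assigned by hand, per key: do we trust this owner to certify others?
Validity flows along certifications; ownertrust never does. Assigning ownertrust
to a key is exactly the step that requires knowing who its owner is.
"""
from typing import Dict, Set

NEVER, UNKNOWN, MARGINAL, FULL, ULTIMATE = "never", "unknown", "marginal", "full", "ultimate"


def compute_validity(certs: Dict[str, Set[str]], ownertrust: Dict[str, str],
                     completes_needed: int = 1, marginals_needed: int = 3,
                     max_depth: int = 5) -> Set[str]:
    """Return the set of valid keys.

    certs maps a key to the set of keys that have certified (signed) it.
    ownertrust maps a key to the trust its owner has been given as an introducer.
    A key becomes valid when enough *valid* keys with sufficient ownertrust have
    certified it; a certifier that is valid but has no ownertrust contributes nothing.
    """
    # Our own (ultimately trusted) keys are valid at depth 0.
    depth = {k: 0 for k, t in ownertrust.items() if t == ULTIMATE}
    changed = True
    while changed:  # iterate to a fixed point so validity can propagate in chains
        changed = False
        for key, signers in certs.items():
            if key in depth:
                continue
            usable = [s for s in signers if s in depth and depth[s] < max_depth]
            full = [s for s in usable if ownertrust.get(s) in (FULL, ULTIMATE)]
            marginal = [s for s in usable if ownertrust.get(s) == MARGINAL]
            if len(full) >= completes_needed or len(marginal) >= marginals_needed:
                depth[key] = 1 + min(depth[s] for s in full + marginal)
                changed = True
    return set(depth)


# Constructed certification graph: Alice signed Frank, Frank signed Ben, Ben signed Carol.
CERTS = {
    "frank": {"alice"},
    "ben": {"frank"},
    "carol": {"ben"},
}


def trust_path_demo(ben_ownertrust: str) -> Set[str]:
    """Alice owns the ultimate key and fully trusts Frank as an introducer.

    Whether Carol's key becomes valid depends only on the ownertrust Alice
    assigns to Ben's key, which the certification chain cannot supply.
    """
    ownertrust = {"alice": ULTIMATE, "frank": FULL, "ben": ben_ownertrust}
    return compute_validity(CERTS, ownertrust)


if __name__ == "__main__":
    for setting in (UNKNOWN, FULL, NEVER):
        valid = trust_path_demo(setting)
        print(f"ownertrust(ben)={setting:8s} valid keys: {sorted(valid)}")
```

With `ben` left at the default `unknown`, Ben's key is valid (Frank vouched for it) but Carol's is not, because nobody has said Ben is a careful certifier; setting Ben to `full` extends the path, and `never` blocks it regardless of how many signatures Ben collects. The decision that changes the outcome is a per-key judgement about the person behind the key, which is why the identity on the certifying key matters to the calculation.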