Is there a way to browse the GPG web of trust?

Aaron Toponce aaron.toponce at gmail.com
Fri Oct 7 11:51:53 CEST 2011


On Fri, Oct 07, 2011 at 10:26:59AM +0200, Melvin Carvalho wrote:
> Just wondering is there a way to browse the GPG web of trust?
>
> Is some of the signing data public and downloadable, or is it mainly private?

Yes, and no. The Web of Trust is just a web centered around a specific
keyring. If you have a specific keyring, you can view that key's Web of
Trust. All you're looking at are signatures. It becomes a bit troublesome
after a while, because you look not only at that key's signatures, but the
signatures of those who signed the key as well.

If you want a graphical view of a Web of Trust, here is a quick shell
script you can run that ends up with a GIF you can view an any image
editor. You'll need GnuPG, of course, as well as signing-party (which
provides sig2dot), graphviz (which provides neato) and imagemagik (which
provides convert):

    gpg --list-sigs --keyring ~/.gnupg/pubring.gpg | sig2dot > ~/.gnupg/pubring.dot 2> ~/.gnupg/pubring.error.txt
    neato -Tps ~/.gnupg/pubring.dot > ~/.gnupg/pubring.neato.ps
    convert ~/.gnupg/pubring.neato.ps ~/.gnupg/pubring.gif

The more signatures and keys in that keyring, the more complex the Web of
Trust could be, and the longer it may take to generate that GIF. On my
Intel dualcore laptop, I rendered a keyring for a friend, and it took over
30 minutes. So, be patient. Here's mine (using the script above):

    http://aarontoponce.org/pubring.gif

Further, there is also the "Strong Set", which is said to be the largest
Web of Trust on the Internet. You can view that web here:

    http://pgp.cs.uu.nl/plot/

As an interesting sidenote, the top 25 keys, and all but 15 of the top 50
keys in that web belong to contributors of the Debian project (or so I've
been told).

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: Digital signature
URL: </pipermail/attachments/20111007/433af683/attachment.pgp>


More information about the Gnupg-users mailing list