trust your corporation for keyowner identification?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Nov 7 19:40:22 CET 2013


On 11/07/2013 11:09 AM, Leo Gaspard wrote:
> Except they do not have to know X, nor that he makes perfectly reasonable
> decisions in signing keys.
>
> And I believe it's not noise. Let's make an example in the real world:
>   * I would entrust X with my life
>   * X would entrust Y with his life, without my knowing it
>   * Thus, if I actually entrusted X with my life, why should I be frightened if X
>     asked Y to take care of me? Provided, of course, X told me he was letting Y
>     take care of me. After all, I would entrust X with my life, so I should just
>     agree to any act he believes is good for me.
> (That's what I called blind trust. Somewhat more than full trust, I believe.)

if we're talking about gpg's concept of "ownertrust", please do not 
muddy the waters with "entrust X with my life"?  gpg's "ownertrust" is 
much more narrow than that: it says "I am willing to rely on OpenPGP 
certifications made by the holder of this key".

"entrust with my life" is not simply a superset of all other trust.  I 
have friends who would take care of me if I was deathly ill.  I would 
place my life in their hands.  But they have never thought about how to 
do rigorous cryptographic identity certification, and I would not rely 
on their OpenPGP certifications.

>> Let's get back to ownertrust: in the Web of Trust, ownertrust is an expression
>> of how well you think other people verify identities before they sign a key. If
>> you sign key K2 based on X's signature, you haven't verified Y's identity.
>> You've probably verified X's identity, but not Y's. So you shouldn't sign K2.
>
> So, is a signature a matter of belief in the validity of the key or of actual
> work to verify the key?

An OpenPGP certification says "I believe that Key X belongs to the 
person identified by User ID U".  Most people would not want to make 
that statement publicly without having thought about it and convinced 
themselves somehow that it is true.  What it takes to convince each 
person may well vary, which is why we assign different ownertrust to 
different people.  When making a public assertion like an OpenPGP 
certification, it is also probably reasonable to ask what the parties 
involved (or the rest of the world) gains from making that statement. 
Just because you believe a statement to be true doesn't mean you need to 
make it publicly, with strong cryptographic assurances, and it may have 
bad consequences.

Also, consider that certifications are not necessarily forever.   If 
Alice relies solely on Carol's certification to believe that key X 
belongs to Bob, and Alice then certifies (Bob,X), what does Alice do if 
Carol revokes her certification?  If Alice doesn't pay attention and 
revoke her own certification, then she is announcing as fact to the 
world something that she should no longer believe to be true (assuming 
that she was relying only on Carol's certification for that belief). 
This sounds like an untenable maintenance situation I personally would 
rather avoid, which is why I do not make public certifications based 
solely on other people's certifications.

> If I understood correctly, the depth parameter you are talking about is useless,
> except in case there are trust signature. And you agreed with me for them to be
> taken out of the equation.

The depth parameter is useful even without trust signatures.  Peter 
Lebbing's response upthread describes the scenario.

Regards,

	--dkg
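The maintenance problem dkg describes (Alice re-publishing a belief she only holds because of Carol's certification) can be made concrete with a small model. The following is an added example, not code from the thread or from GnuPG: a constructed toy Web-of-Trust validity computation with invented names (alice, carol, key "X", user ID "Bob") that contrasts relying on ownertrust alone with re-certifying.

```python
from dataclasses import dataclass, field

# Toy model of OpenPGP Web-of-Trust validity (constructed; not GnuPG's algorithm).
# A certification is the triple (signer key, subject key, user ID).
# The model holds one person's view: `ownertrust` is the owner's trust database.

@dataclass
class WebOfTrust:
    certs: set = field(default_factory=set)         # published certifications
    revoked: set = field(default_factory=set)       # certifications later revoked
    ownertrust: dict = field(default_factory=dict)  # signer key -> "full" | "marginal"

    def certify(self, signer, subject, uid):
        self.certs.add((signer, subject, uid))

    def revoke(self, signer, subject, uid):
        self.revoked.add((signer, subject, uid))

    def validity(self, me, subject, uid, marginals_needed=3):
        """Validity of the binding (subject key, uid) as seen by `me`."""
        full = marginal = 0
        for signer, subj, u in self.certs - self.revoked:   # revoked certs count for nothing
            if (subj, u) != (subject, uid):
                continue
            if signer == me:
                return "full"      # one's own certification is always believed
            level = self.ownertrust.get(signer, "none")
            if level == "full":
                full += 1
            elif level == "marginal":
                marginal += 1
        if full >= 1 or marginal >= marginals_needed:
            return "full"
        return "marginal" if marginal else "unknown"


def alice_scenario(alice_recertifies: bool):
    """Return (validity before Carol revokes, validity after) from Alice's viewpoint."""
    wot = WebOfTrust()
    wot.ownertrust["carol"] = "full"        # Alice is willing to rely on Carol's certifications
    wot.certify("carol", "X", "Bob")        # Carol asserts: key X belongs to Bob
    if alice_recertifies:
        wot.certify("alice", "X", "Bob")    # Alice re-publishes a belief she got only from Carol
    before = wot.validity("alice", "X", "Bob")
    wot.revoke("carol", "X", "Bob")         # Carol withdraws her assertion
    after = wot.validity("alice", "X", "Bob")
    return before, after
```

With ownertrust alone the revocation is tracked automatically ("full" becomes "unknown"); with her own re-certification in place Alice keeps asserting "full" to the world until she remembers to revoke it herself.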
