How to find and verify a trust path?

Philip Jägenstedt philip at foolip.org
Tue Sep 17 15:56:32 CEST 2013


On Tue, Sep 17, 2013 at 11:38 AM, Peter Lebbing <peter at digitalbrains.com> wrote:
> On 17/09/13 11:07, Peter Lebbing wrote:
>>> The independent paths need to be completely disjoint (except for start and
>>> end point) _and_ they all need to start with Philip's key.
>>
>> AFAIK, there is no such requirement in the Web of Trust. I've never heard of it.
>
> Euh... apart from the part where you said they need to start with Philip's key.
> I didn't trim the quote far enough :). I meant there is no requirement that the
> paths are independent.

Going with the GnuPG built-on model, it seems like I can get the "n
people would need to be deceived" effect by (in a temporary keyring)
assigning marginal trust to all keys in the world and
--marginals-needed n, without requiring the paths to be independent.
Does that sound right?

-- 
Philip Jägenstedt



More information about the Gnupg-users mailing list