Signature without policy meaningless? (was Re: UI terminology for calculated validities)
MFPA
2014-667rhzu3dc-lists-groups at riseup.net
Sun May 4 13:03:48 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Saturday 3 May 2014 at 9:50:47 AM, in
<mid:CAAu18hfmCwf3Gv68b_D_Y9Rr9JVUO_A0NEA6vRGR+ZB4OY3t0A at mail.gmail.com>,
Nicholas Cole wrote:
> [*] I'm aware there are problems with "marginal trust"
> related the fact that the requirement of three
> marginally trusted signatures to confer validity may in
> fact be fairly weak. The three signatures may not, in
> fact, be made independently of each other (consider
> three keys owned by the same person which all introduce
> a third key, for example, or multiple signatures made a
> single key-signing party).
The default is three but you can change it to whatever number you
want. I wonder what the effect might be if the default trust level "I
don't know or won't say" were treated in calculations as a
marginal-marginal, needing perhaps the cube or fourth power of the
required number of marginals to confer validity?
- --
Best regards
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Life is a holiday. In the same way that glass is a liquid.
-----BEGIN PGP SIGNATURE-----
iPQEAQEKAF4FAlNmHppXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pBjID/2jKJIrNVmrXq9HnWYUot14bJuFid0v0Hbfs
Gm/hooiOEcDm81FHShkm6gS5kwdSUNgBJBkVt1d2cdGQE71ZFQmbKxF8EwANxVmK
Y3WIZH6iPIQnKf98QoA+JDl4uDw3prsXR5InHaI6K/ugFKg3ceVNHTeMLMBOQYas
SQkw+0A+
=kFjn
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list