Managing the WoT with GPG
martin f krafft
madduck at madduck.net
Thu Jun 22 16:06:03 CEST 2017
also sprach Peter Lebbing <peter at digitalbrains.com> [2017-06-22 15:46 +0200]:
> > As far as I understand, the parameters --marginals-needed and
> > --completes-needed can be used to define a maximum search depth D,
> > so when I ask GPG to update the trustdb WRT key 0xdeadbeef, then I'd
> > envision it to
> Don't you mean
> > --max-cert-depth n
> > Maximum depth of a certification chain (default is 5).
> ? I don't see how --*-needed would limit the search depth, other than
> that for an actual keyset increasing them would effectively probably
> decrease the actual depth.
Yeah, that too.
> 1) Consider every key signature potentially valid. Construct the
> graph of signatures. Discard anything that is not rooted in an
> ultimately trusted key.
That sounds like a worthwhile optimisation, indeed.
> 3) Start at the ultimately trusted keys and consider each signature that
> corresponds to an edge going out of a valid key. Check signatures until
> full validity of a key is reached (or all signatures on a key have been
> checked). Stop checking then; it can't become more than fully valid by
> more signatures. The fact that a key has been added to the valid keys
> means you now have more edges going out from a valid key; keep repeating.
And so does this…
@martinkrafft | http://madduck.net/ | http://two.sentenc.es/
"durch frauen werden die höhepunkte des lebens bereichert
und die tiefpunkte vermehrt."
- friedrich nietzsche
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1118 bytes
Desc: Digital GPG signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
More information about the Gnupg-users