[gnutls-dev] OpenPGP Keys
Timo Schulz
twoaday at gmx.net
Fri Apr 20 10:43:51 CEST 2007
Hi,
> (You directed the mail to `gnutls-dev-bounces' instead of `gnutls-dev'
Oops, I blame the mailer. Of course it should be go to gnutls-dev. Thanks.
> This is only used when traversing the certification graph ("web of
> trust") to determine the "loss of trustworthiness" yielded when
> following an edge. (Wow, what a fancy sentence! ;-))
I'm not sure about the current documentation, I remember that I've
seen some pictures of the WoT as examples. But if there is so much
confusion about this topic, I guess it's the best idea to explain
this in details (again).
> key-user ID binding?" And, as discussed on `help-gnutls', it takes more
> than this to implement a server-side authorization scheme. Thus,
> trustdbs in GnuTLS would only be a building block for people who want to
> implement authorization schemes based on user IDs, for instance.
I agree. A trustdb would involve more than just a simple trust to key
association. And right now there is no code in opencdk to calculate the
validity of a key based on the signatures and ownertrust values.
And to my surprise, the new code works even with the dummy stubs of the
trustdb code. So I ask me where the trustdb is really involved in the
handshake or authentication steps.
Timo
More information about the Gnutls-devel
mailing list