At 2:35 PM -0700 6/13/03, Pat Farrell wrote:
>At 11:56 AM 6/13/2003 -0400, John Kelsey wrote:
>>At 10:27 AM 6/11/03 -0700, bear wrote:
>>>That is the theory.  In practice, as long as the PGP "web of trust"
>>The thing that strikes me is that the PGP web of trust idea is appropriate
>>for very close-knit communities, where reputations matter and people
>>mostly know one another.  A key signed by Carl Ellison or Jon Callas
>>actually means something to me, because I know those people.  But
>>transitive trust is just always a slippery and unsatisfactory sort of thing--
>I may have missed it, but I thought that the web-o-trust model of PGP has
>generally been dismissed by the crypto community
>precisely because trust is not transitive.
>Similarly, the tree structured, hierarchical trust model has failed,
>we currently have a one level, not very trusted model with Verisign
>or Thawte or yourself at the top.
>I know from discussions with some of the SPKI folks that encouraging
>self defined trust trees was one of the goals.
>Of course, if the size of the tree is small enough, you can just
>use shared secrets.

The HighFire project at Cryptorights is planning on building a
"web of trust" rooted in the NGOs who will be using the system.  Each NGO
will have a signing key.  A NGO will sign the keys of the people working
for it.  In this manner, we have a way of saying, "The John Jones who works
for Amnesty International".  A NGO may decide to sign another NGO's signing
key.  Now we have a way to say to someone in Amnesty, "Send a message to
Steve Smith in Médecins Sans Frontières."  The plan is to show the trust
relationship in the UI as a path of keys.

I would appreciate your comments.

Cheers - Bill

Bill Frantz
(408)356-8506         | like a Breadless Sand- | 16345 Englewood Ave.
[EMAIL PROTECTED] | wich." -- Steve Schear | Los Gatos, CA 95032, USA
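
The "path of keys" described in the message above can be sketched as a shortest-path search over signatures. This is an added example, not code from the post or from the HighFire project. The key ids, the "Example NGO" entry and the extra people are constructed; signatures are assumed to be already verified; and the rule that only NGO signing keys may act as introducers is an assumption drawn from the description.

```python
from collections import deque

# Constructed sample data: key id -> (kind, display name). Not real keys.
KEYS = {
    "AI-SIGN":  ("ngo", "Amnesty International"),
    "MSF-SIGN": ("ngo", "Médecins Sans Frontières"),
    "XYZ-SIGN": ("ngo", "Example NGO"),
    "K-JONES":  ("person", "John Jones"),
    "K-SMITH":  ("person", "Steve Smith"),
    "K-DOE":    ("person", "Jane Doe"),
    "K-ROE":    ("person", "Richard Roe"),
}
# (signer, subject) pairs, each assumed to be an already verified signature.
SIGNATURES = [
    ("AI-SIGN", "K-JONES"),    # NGO signs a staff member's key
    ("AI-SIGN", "MSF-SIGN"),   # NGO signs another NGO's signing key (one-way)
    ("MSF-SIGN", "K-SMITH"),
    ("XYZ-SIGN", "K-DOE"),     # NGO nobody has cross-signed
    ("K-SMITH", "K-ROE"),      # person-to-person: not an NGO statement
]

def trust_path(anchor, target, keys=KEYS, signatures=SIGNATURES):
    """Shortest signature chain from the user's own NGO key to target, or None.
    Assumption: only NGO signing keys may introduce other keys."""
    if keys[anchor][0] != "ngo":
        return None
    signed_by = {}
    for signer, subject in signatures:
        if keys[signer][0] == "ngo":          # ignore signatures made by people
            signed_by.setdefault(signer, []).append(subject)
    queue, seen = deque([[anchor]]), {anchor}
    while queue:                              # breadth-first: shortest path first
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in signed_by.get(path[-1], []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def describe(path, keys=KEYS):
    """Render a path the way a UI might show it."""
    if path is None:
        return "no trust path"
    return " -> ".join(f"{keys[k][1]} [{k}]" for k in path)

if __name__ == "__main__":
    for target in ("K-SMITH", "K-DOE", "K-ROE"):
        print(target, ":", describe(trust_path("AI-SIGN", target)))
```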

