Reply to various,

Yes, the value in a given key signing is weak, in fact every link in the
web of trust is terribly weak.

However, if you notarize and publish the links in CT fashion then I can
show that they actually become very strong. I might not have good evidence
of John Gilmore's key at RSA 2001, but I could get very strong evidence
that someone signed a JG key at RSA 2001.

Which is actually quite a high bar since the attacker would haver to buy a
badge which is $2,000. Even if they were going to go anyway and it is a
sunk cost, they are rate limited.

The other attacks John raised are valid but I think they can be dealt with
by adequate design of the ceremony to ensure that it is transparent.

Now stack that information alongside other endorsements and we can arrive
at a pretty strong authentication mechanism.

The various mechanisms used to evaluate the trust can also be expressed in
the endorsement links.

What I am trying to solve here is the distance problem in Web o' trust. At
the moment it is pretty well impossible for me to have confidence in keys
for people who are ten degrees out. Yet I am pretty confident of the
accuracy of histories of what happened 300 years ago (within certain

It is pretty easy to fake a web of trust, I can do it on one computer, no
trouble. But if the web is grounded at just a few points to actual events
then it becomes very difficult to spoof.
The cryptography mailing list

Reply via email to