There are two related concerns raised in this e-mail. I hope we can have a conversation about them both.
On 01/15/2013 01:51 AM, Olav Seyfarth wrote:
> a key to be used for signing must either:
> be valid, non-expired and trusted,
> (which IS what you should do)
I don't think requiring user ID validity or ownertrust are reasonable
restrictions for deciding whether a key should be used to make a
signature. (otoh, expiration date checks seem reasonable).
gpg itself requires neither validity nor ownertrust to make a data
signature with a key.
Are you talking about choosing a target key for encryption, rather than
talking about signing? In that case, the validity should be relevant (in
particular, the validity of the user ID corresponding to the recipient
of the message), but ownertrust should still not play a role in making
this determination.
Ownertrust is about the user's willingness to rely on identity
certifications from the holder of the public key.
Question A
----------
Is this check really in place? Should it be?
> [or Enigmail could be set to use non-trusted
> anyway (which is meant for public keys fetched automatically).
I'm not sure how this makes sense. Can you explain it further?
I'm concerned that we're getting the terms "trusted" and "valid" mixed
up here.
A key (on its own) is cryptographically valid by being a well-formed,
functional mathematical object. This indicates that the key can be used
in cryptographic operations, but not whether it *should* be used in any
given cryptographic operation.
A key+userID combination is valid if it has been certified by some other
fully-trusted key (or by 3 marginally-trusted keys). This indicates
that the key should be used in cryptographic operations related to the
peer identified by the user ID.
A key itself is trusted if the user has explicitly marked it as trusted
(either marginal or full trust), meaning that they are willing to rely
on the owner of that key to certify the identities of other people.
Looking at the enigmail key management interface, I see that the "Key
Validity" column confusingly uses the term "trusted", instead of "full"
or "valid". I think this is a mistake, and probably needs to be fixed
if we don't want to confuse users further about the relationship between
identity and ownertrust. Already, enigmail is divergent from the
information reported by gpg.
Question B
----------
Would patches be welcome to improve the terminology around validity and
trust?
--dkg
_______________________________________________
enigmail-users mailing list
[email protected]
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
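
An added example, not part of the original message and not Enigmail or GnuPG code: it parses a constructed `gpg --list-keys --with-colons` listing, keeps computed validity (field 2) separate from ownertrust (field 9), and applies the policy argued for in the message above. The key IDs, user IDs and the helper names `parse_keys`, `describe`, `may_sign` and `may_encrypt_to` are assumptions made for illustration, and the signing check assumes the secret key is available.

```python
# Constructed sample in `gpg --list-keys --with-colons` layout (not real keys).
# Field 2 = computed validity, field 9 = ownertrust (pub records only),
# field 10 = user ID, field 12 = capabilities (upper case = usable on this key).
SAMPLE = """\
pub:f:2048:1:AAAAAAAAAAAAAAAA:1300000000:::-:::scESC:
uid:f::::1300000000::HASH1::Alice Example <alice@example.org>:
pub:-:2048:1:BBBBBBBBBBBBBBBB:1300000000:::f:::scESC:
uid:-::::1300000000::HASH2::Bob Example <bob@example.org>:
pub:e:2048:1:CCCCCCCCCCCCCCCC:1200000000:1250000000::-:::sc:
uid:e::::1200000000::HASH3::Carol Example <carol@example.org>:
"""

UNUSABLE = {"i", "d", "r", "e"}   # invalid, disabled, revoked, expired
VALID = {"f", "u"}                # fully or ultimately valid
LABEL = {"-": "unknown", "q": "undefined", "n": "never", "m": "marginal",
         "f": "full", "u": "ultimate", "e": "expired", "r": "revoked"}

def parse_keys(listing):
    """Group uid records under their pub record, keeping both trust fields."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append({"keyid": f[4], "validity": f[1], "ownertrust": f[8],
                         "caps": f[11], "uids": []})
        elif f[0] == "uid" and keys:
            keys[-1]["uids"].append({"validity": f[1], "name": f[9]})
    return keys

def describe(key):
    """Report the two properties under separate names instead of one 'trusted'."""
    return "validity=%s ownertrust=%s" % (LABEL.get(key["validity"], "?"),
                                          LABEL.get(key["ownertrust"], "?"))

def may_sign(key):
    # Signing: the key only has to be usable and signing-capable.
    # User ID validity and ownertrust are deliberately not consulted.
    return key["validity"] not in UNUSABLE and "S" in key["caps"]

def may_encrypt_to(key, address):
    # Encryption: the user ID matching the recipient must be valid.
    # Ownertrust of the recipient's key plays no role.
    if key["validity"] in UNUSABLE or "E" not in key["caps"]:
        return False
    return any(u["validity"] in VALID and "<%s>" % address in u["name"]
               for u in key["uids"])

if __name__ == "__main__":
    for k in parse_keys(SAMPLE):
        print(k["keyid"], describe(k), "sign:", may_sign(k))
```

Bob's key carries full ownertrust but an uncertified user ID, so it may sign yet is not selected as an encryption target; Alice's key is the reverse case for ownertrust and is accepted for both.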
