Daniel Kahn Gillmor via Gnupg-devel <gnupg-devel@gnupg.org> writes: >> So I don't think identity trust calculations must generally always be >> additive when given more information. > > Right, i can see how that is an interesting counter-point: two mutually > conflicting identity assertions about the same underlying principal > should make either identity assertion *less* confident than it was > before.
No, I didn't mean that the two IDs provide assertions that conflict, and I see now that my example was unclear and gave that impression. While it may appear that way, I don't believe one passport for a person with name X and a drivers license for the same person with name Y is necessarily asserting anything that conflicts. A person can have multiple names at different points in time, and it is common for people to have multiple valid names at the same point in time too. When mapping this to a digital world, I think it is reasonable to give full confidence to a simple chain of assertion claims, but less confidence to a more complex chain. Which seems somewhat similar to the example you gave. And more in line with common human trust confidence behaviour -- if you only have one person available for trust, you have no choice than to trust 100% but if another person comes along you could trust 99%/1% or 50%/50% depending on properties. Mapping human trust calculations into anything digital seems hard, though, and my head hurts when I try to map any of this into PGP WoT principles. But I'm not certain that finding surprising examples is always a bug. /Simon
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-devel
