On Fri, Jun 13, 2008 at 11:35:08AM -0700, bezna wrote: > > Hi, > > I'm using PGP Desktop 9.8 and I noticed when I export a public key from GPG > and import it in PGP, any trust signatures made on it with GPG and given a > depth greater than 8 are lost. Presumably this is because of constraints > within PGP, IE the maximum trust depth that can be set in PGP for a > signature is 8. > > I was wondering if anyone can provide a rationalization for why this > is?
I could make a guess (8 is a huge depth already and so they capped it there to simplify things?), but it would really be just a guess. I suggest contacting the PGP folks and asking them. They're a very responsive company. Let us know what you find out. > Ostensibly even a trust signature of depth 2 carries enormous power with it, > but there is no such cap on GPG. Furthermore, why are signatures in GPG with > a trust depth greater than 9 marked as a 'T' on listings, even though the > depth of the signature still matters (e.g. a trust signature with a depth of > 14 is still more powerful than one of depth 12, even though they're both > labelled 'T'). This one I can answer, as I wrote that part of the code. The reason that GPG marks signatures with a depth greater than 9 as 'T' in a signature listing is simply because the signature listing is formatted, and I only had room for a single digit without reformatting the display. Thus, 'T' in this case just means "more than 9". Note that this is strictly a display convention, and the internal trust calculations use the real number of course. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
