-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Raimar Sandner wrote: > Hello, > > when gnupg trusts a key as a result of trustdb calculations, I would > like to know what the chain depth for the given key is. > > I know that I can control the maximal acceptable depth with the > max-cert-depth configuration parameter. I would like to keep the > default of 5, but it is still a difference regarding the > trustworthiness of a key if it is frully trusted in, say, third or > fifth level. > > Manually following the trust chains can be annoying, and could also > lead to false conclusions as in the following small example: > > Say we have marginals-needed=2, completes-needed=1 and the web of > trust is > > # me -> A ---------> E > # | \---> D ----/ > # \-> B -> C / > > with the ownertrust values > A: marginal > D: marginal > C: marginal > B: full > > On a first glance one might think as we have the chains me->A->E and > me->A->D->E, that E is fully trusted in third level. But because D > only is trusted in third level (me->B->C->D), E is actually trusted > in fourth level. This rapidly gets more complex with a growing web > of trust. > > As of now I can only think of gradually reducing max-cert-depth, > recalculating trustdb and see, if a given key stays fully trusted. > Is there a better way to determin the cert depth? If not, I think > this would be a nice feature to implement. > > Cheers, > Raimar > > _______________________________________________ > Gnupg-users mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users > Hi, I don't wish to be over-simplistic, but I had thought that the web of trust was a people thing rather than a mathematical model. I can appreciate it's difficult to form a web of trust between people that you never meet - like me posting here - the idea I thought was to develop such networks through people that one knows - or gets to know via shared contacts - shared experiences - common interests and concerns. What is trust anyway? Common shared values? How does one measure that with the depth of signed keys? Ok so I'm being a bit philosophical Best Wishes :) David - -- Confidentiality Statement Wisdom is knowing what to do with what you know. This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error email [email protected]. Thank you. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAknzXV4ACgkQYvuE3Ov+SsB4YgCg0aogBZ7fsuSw+Jyotn2PMofX E1gAnAlaa+501bbdFVx8Lbvqat/kvIpW =q/xg -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
