On 22/04/14 23:58, Daniel Kahn Gillmor wrote: > If i grant "marginal" ownertrust to both A and B, then X only needs one > other friend to collaborate to get my gnupg implementation to accept > certificates that i'm not intending to accept.
I might have snipped my quote too much. Hauke was arguing that the term "ownertrust" is not correct because it is not about trust in the owner, but trust in specific keys. In your example, you do not trust the two keys differently[1]. However, due to a technicality, you can't assign both the same ownertrust, because they would add up. I don't think this is a fundamental thing that changes the concept of ownertrust, it is an unfortunate technicality. If GnuPG were somehow enhanced that you could mark them as "this is the same person", you would assign both "marginal" and benefit from certifications of either key. If it's that easily fixed, it's not a fundamental issue in my book. Peter. [1] Although you might mistrust a key that's no longer considered secure by current cracking standards. Again, not an issue with trust in the owner, but a technicality. --- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
