On Sun, 2010-12-19 at 02:08 +0100, Loic Dachary wrote:
> > .
> >
> > Most notably, if the certifying authority were to lose its legitimacy, side
> > rings could
> > emerge and take over on higher ethical grounds and with data loss on the
> > users' side.
> >
> From your messages and Stéphane Bortzmeyer remarks, it looks like a PGP
> web of trust would be an acceptable balance. From a political / social
> point of view, it would promote the emergence of multiple authorities
> instead of a single authority. For instance when a node tries to join a
> DHT by contacting a known node, it would also accept to only trust nodes
> that are connected to this node thru the PGP web of trust. From a
> technical point of view it would limit the nodes of the ring to those
> accepting the same rule.
IMO the PGP web of trust is a failed idea. Trust is not and never was
transitive. Treating it as such so magnifies the effect of a single
bad actor or security breach as to render the system useless.
Bear
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
