David Shaw wrote:
First, read this:
http://download.cryptoex.com/documents/whitepaper/cex2003-pgp-in-unternehmen-en/Tech%20White%20Paper%202002%20-%20Using%20OpenPGP%20in%20Corporations.pdf
Then, read this:
http://lists.gnupg.org/pipermail/gnupg-users/2005-May/025612.html
Thanks :-) .... these helped me a lot in understanding :-)
I've also read the thread and nearly the same question is asked there
againm but,.. just to be sure:
So if I sign someone with a tsign and level 1:
-He is a trusted introducer for me, meaning that UIDs he sign are
automatically valid for me. (using sign)
-If he tsigns someone,... with any level, that UID is vaild for me too
BUT can't introduce new UIDs or introducers for me.
If I sign someone with level 2:
He is a metaintroducer meaning that,...
-normal normal sign he makes to UIDs are autom. vaild for me too.
-If he tsigns someone that someone is introducer for me too
Example:
me->(tsign_1)->root_CA
root_ca->(sign)->president
root_ca->(tsign-x)->sub_CA
=>root_ca and president is valid to me
=>sub_CA is vaild too but nothing that sub_CA signs/tsigns is vaild for me
Example:
me->(tsign_2)->root_CA
root_ca->(sign)->president
root_ca->(tsign-1)->sub_CA_A
root_ca->(tsign-2)->sub_CA_B
sub_CA_A->(sign)->bill
sub_CA_B->(tsign-1)->sub_sub_CA_B_A
sub_sub_CA_B_A->sign->joe
president->sign->mike
=>root_CA, president, sub_CA_A, sub_CA_B are vaild to me
=>bill is vaild too as root_CA makes sub_CA_A to an trusted introducer
for me (with the level 1 tsign)
=>sub_sub_CA_B_A itself is valid too for me
=>joe is NOT vaild for me, even sub_sub_CA_B_A got an level-1-tsign from
sub_CA_B which got an (!!) level-2-tsign from root_CA which would be ok
=> BUT I gave root_CA only a level-2-sign so third and higher level
introducers (like sub_sub_CA_B_A is one) do not count for me
=>mike is not vaild for me, too. even the levels for him would have been
ok,.. BUT president hasn't an tsign-x signature from the root
Everything correct so far?
What is the difference if I use FULLY or MARGINAL with tsigns?
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-printable;quoted-printable:;;Lothstra=C3=9Fe 34;M=C3=BCnchen;Freistaat Bayern;80335;Federal Republic of Germany
email;internet:[EMAIL PROTECTED]
tel;home:+49 89 24409568
tel;cell:+49 172 8617341
x-mozilla-html:TRUE
url:http://fhm.edu/
version:2.1
end:vcard
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
