On Mon, Jun 16, 2008 at 01:14:52PM -0700, bezna wrote:
>
> Dear David,
>
> First, thank you for your reply and for the working link to the white paper.
> You have my enormous gratitude for taking the time to share your knowledge
> with me.
>
>
> David Shaw wrote:
> >
> >> Furthermore, if Bob tsigned Carmen with a depth of 4 (for his own
> >> purposes), the chain of trust linking Eve to Alice would be broken
> >> since GPG computes certificate validity (and trust in the case of
> >> tsigns) only down paths where each next node in the path was tsigned
> >> with a lower "depth" than the "depth" of the tsign on the
> >> node before it.
> >
> > The chain isn't broken, the depth at each step is just lowered to
> > match the perspective of the head of the chain (Alice in this case).
> > If Bob tsigns Carmen, then from Bob's perspective, that chain in the
> > link had a depth of 4. Similarly, if Roger signs Bob's key with a
> > depth of 5, then we have a new chain from Roger's perspective where
> > the Bob->Carmen link also has a depth of 4. If Roger signed Bob's key
> > with a depth of 4, then the Bob->Carmen link has a depth of 3 (as it
> > is lowered to match the maximum depth granted by Roger). If Roger
> > signed Bob's key with a depth of 50, then the Bob->Carmen link has a
> > depth of 4 (as it can't be larger than what Bob granted).
> >
>
> I believe you might be mistaken on this point. I ran some trials and it
> seems that if the next trust signature in the chain has a higher depth than
> the one preceding it, it is treated just as a regular signature (depth 0)
> and the trust data contained in the signature is discarded, effectively
> breaking the chain. The next hop in the chain will have an appropriate trust
> value of "undefined", and the one following it will simply be "unknown". See
> for yourself:
Interesting. I'm going to have to go back to my notes from when I wrote that
code back in 2002, and see what I was shooting for. My memory is that I wanted
the trust depth to automatically degrade as the chain continued. It's possible
this is just a bug, or it is possible I did it this way on purpose (PGP
compatibility, maybe?) I'll let you know what I find.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
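The two messages above describe two different rules for how a trust-signature (tsig) depth propagates along a chain of keys: David's description, where a link's depth is lowered to fit what the previous link granted, and bezna's observation, where a link whose depth exceeds the preceding one is treated as a plain depth-0 certification. The following model, added here as an illustration and not code from GnuPG or from either poster, encodes both readings so the outcomes can be compared on the thread's Alice/Bob/Carmen/Eve and Roger/Bob/Carmen chains. The `Link` type, the `rule` names, the cap of "one less than the previous effective depth", and the validity rule "a key is valid if its certifier is a trusted introducer (effective depth at least 1)" are assumptions made for the model; which rule the real implementation follows is exactly what the thread leaves open.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Link:
    """One certification in a chain (constructed type for this model)."""
    signer: str
    signee: str
    depth: int  # depth granted by the signer's tsig; 0 = ordinary certification


def effective_depths(chain, rule="degrade"):
    """Effective tsig depth of every link, seen from the chain head.

    The head's own tsig (chain[0]) is taken at face value.  Each later
    link can grant at most one less than the effective depth before it.

      rule="degrade": a declared depth above the cap is lowered to the
                      cap (David's description in the thread).
      rule="strict":  a declared depth above the *preceding effective
                      depth* discards the trust data, i.e. the link is
                      treated as a depth-0 certification (bezna's
                      observation); smaller depths are capped as above.

    Both rules are a model of the thread's prose, not GnuPG's code.
    """
    if rule not in ("degrade", "strict"):
        raise ValueError(f"unknown rule: {rule!r}")
    eff = []
    for i, link in enumerate(chain):
        if i == 0:
            eff.append(link.depth)
            continue
        prev = eff[-1]
        cap = max(prev - 1, 0)  # a depth-0 or depth-1 signer grants no further depth
        if rule == "strict" and link.depth > prev:
            eff.append(0)
        else:
            eff.append(min(link.depth, cap))
    return eff


def validity(chain, rule="degrade"):
    """Map each signee to whether its key is valid from the head's view.

    Assumed rule: a signee is valid when the signer is the head, or when
    the link that introduced the signer carries an effective depth of at
    least 1 (the signer is a trusted introducer).  Once a link drops to
    depth 0, every key further down the chain stays invalid.
    """
    eff = effective_depths(chain, rule)
    valid = {}
    for i, link in enumerate(chain):
        valid[link.signee] = (i == 0) or eff[i - 1] >= 1
    return valid


def compare(chain):
    """Return {rule: (effective depths, validity map)} for both readings."""
    return {rule: (effective_depths(chain, rule), validity(chain, rule))
            for rule in ("degrade", "strict")}


if __name__ == "__main__":
    # Constructed chains.  Alice is the head; Carmen's signature on Eve is plain.
    chains = {
        "Alice tsigns Bob depth 5": [Link("Alice", "Bob", 5), Link("Bob", "Carmen", 4),
                                     Link("Carmen", "Eve", 0)],
        "Alice tsigns Bob depth 2": [Link("Alice", "Bob", 2), Link("Bob", "Carmen", 4),
                                     Link("Carmen", "Eve", 0)],
        "Roger tsigns Bob depth 4": [Link("Roger", "Bob", 4), Link("Bob", "Carmen", 4)],
        "Roger tsigns Bob depth 50": [Link("Roger", "Bob", 50), Link("Bob", "Carmen", 4)],
    }
    for label, chain in chains.items():
        print(label)
        for rule, (eff, valid) in compare(chain).items():
            print(f"  {rule:8s} depths={eff} valid={valid}")
```

The interesting case is the second chain: with Alice granting Bob only depth 2, the degrade rule lowers the Bob->Carmen link to 1 and Eve's key is still valid, while the strict rule zeroes that link and Eve ends up invalid, which is the "broken chain" bezna reports. On the Roger chains both rules agree with the figures David gives (3 and 4), so those examples cannot distinguish the two readings.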