On 06/11/13 23:28, Leo Gaspard wrote:
> The fact that others could get just the same effect by twisting their WoT
> parameters is not an issue to me. Firstly, because there are few trust
> signatures (according to best practices I read, that said trust signatures
> are mainly made for closed-system environments), so WoT rarely expands
> outwards of one signature by someone you know.

Let's leave trust signatures out of the equation; it makes it a lot more complicated and they are rarely used. I also don't see the relation between the statements in this quote here.

> But mostly because signing is an attestation of your belief someone is who
> (s)he is. Thus, if you believe someone is who the UID states (s)he is as
> much as if you met him/her in person and followed the whole verification
> process, I would not mind your exporting signatures of the key.

I get the feeling you're partly responding to my adamant statements earlier, but you're confusing the situation I was responding to. I think you're saying:

Person X tells me their key is K1. I blindly trust person X, and I know for a fact that person X was the one who told me K1 is his key. That is, you were in the same room, or you recognised their voice on the telephone, or something similar.

This is acceptable to many people as a verification. But this is not the situation I was talking about. It's this:

Person X (having key K1) has signed key K2, asserting that it is held by Y. Since you blindly trust X, you can assign him full (or hell, ultimate if you prefer) ownertrust, and key K2 is valid for you. You don't need to sign K2 anymore, because it is already valid since you expressed your trust to GnuPG, and GnuPG uses it to validate that it belongs to Y.

Now, what Stan Tobias appeared to want, is sign key K2 himself, probably to express to others in the Web of Trust that he believes K2 to be valid. But this doesn't add any additional verification of key validity to the Web of Trust; it's noise. Because anyone else can look at the signature made by X, and decide: I trust X fully as well. They assign full trust to X, and K2 becomes valid.

Let's get back to ownertrust: in the Web of Trust, ownertrust is an expression of how well you think other people verify identities before they sign a key. If you sign key K2 based on X's signature, you haven't verified Y's identity. You've probably verified X's identity, but not Y's. So you shouldn't sign K2.

You might believe Y when he or she walks up to you and says: my name is Y and K2 is my key. But that is not what happened; X said: K2 is Y's key. Y didn't say anything to you, let alone that you verified it was actually Y talking. That's the absolutely necessary part of verification: you believe that it was actually Y that told you K2 is theirs. Just believing K2 is Y's key is not verification; it's key validity.

I'll give an example. In the Web of Trust, key validity is a thing that can gradually build up until it passes a certain point where we say: I have so much proof that it appears to be valid, that I conclude it's, within reason, valid. This is why you have "completes needed", "marginals needed", and "max cert depth". The latter says: once we pass a certain depth, my proof of identity becomes so indirect I don't wish to trust that information anymore.

I will paint a picture with the default settings, completes 1, marginals 3, max depth 5.

Suppose A has signed B. There are three people C, D and E, who have full trust in A. They do what I'm arguing against: they sign key B as well, based on their trust of A.

Now I come along. I actually have key A valid as well, but quite indirectly: it is at level 4. I know A, but ownertrust is very personal. I think A does an okay job of verifying identities, but not to the rigorous level I personally demand. I work with pretty sensitive stuff, and my standards are high (I'm painting a picture here, not describing reality). So I assign him marginal ownertrust. Now what I would expect, is that I need some more signatures, and B will become valid at level 5, the level where I have configured GnuPG to say: okay, this is deep enough, I will not take into account B's signatures on other keys because the proof becomes too indirect.

However, I also know C, D and E, signed their keys and assigned them marginal ownertrust because I was under the impression they also verify identities pretty well. I don't know that they go around signing keys based on other people's signatures. C, D and E are thus at level 1 in my web. They all signed B's key, so I think: that's reasonable proof that B is valid. Not only do I think that, so does GnuPG. It leads to B's key being valid at level 2. B can have another few levels of indirection before I consider the path too long. In fact, for signature paths through B, it effectively just changed my "max cert depth". B belongs at level 5, because the proof of validity is very indirect in my *own* web, but he's at level 2, so my "max cert depth" has effectively become 8 instead of 5 for paths through B.

Furthermore, what does my Web of Trust seem to imply? It implies that 3 reasonably trustworthy people all individually certified B's identity. That's a fair amount of proof that the identity is correct. More eyes have seen the passport, or more people have known B for very long. What is actually the case? This one person, A, whom I somewhat trust, has certified B's identity. It's almost as if I'd set my "marginals needed" to 1, because no more verification has ever been done of B's identity.

This is why I am adamant that you should not sign based on other people's certifications. You are muddling my view, and I think I'm basing validity on one thing whereas I'm accidentally basing it on something else. I have keys on my ring that are valid, even though they did not pass my personal demands of verification.

Lying was also brought into the discussion, as if that changes things. We are talking about trust here; I'm making a mistake when I assign ownertrust to a liar, but that in no way implies that it's okay to sign keys without verification. When I find out people lie about their verifications, I set those people to "I do NOT trust". When I find out people sign keys they haven't verified, I set those people to "I do NOT trust".

The rest of your message about how you check an identity is a different topic altogether. But let me say this: when I sign a UID, I primarily sign the name. I prefer there's no comment, so I don't have to think about that, and ownership of an e-mail address is an interesting topic. Who owns l.gasp...@yourisp.com? You or your ISP? Both? Neither? If you wish to debate about how you check an identity, please create a separate thread, because it is a different topic.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
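The validity walk Peter sketches above (completes needed, marginals needed, max cert depth, and the level shift that C, D and E cause by countersigning B on A's word) as a small constructed model. This is an added example, not part of the thread and not GnuPG's own trustdb code; it keeps only the three parameters under discussion. The key names, the chain me -> P1 -> P2 -> P3 -> A that puts A at level 4, the two extra marginal signers A2 and A3 at A's level (so that B can reach level 5 in the honest case), B's own ownertrust and the downstream key F are assumptions made to fill in the picture.

```python
"""Simplified Web-of-Trust validity walk using the three GnuPG parameters
discussed in the thread: completes-needed, marginals-needed, max-cert-depth.
Constructed illustration only; it is not GnuPG's trustdb algorithm."""

from collections import defaultdict

ULTIMATE, FULL, MARGINAL, NONE = "ultimate", "full", "marginal", "none"


def compute_validity(signatures, ownertrust,
                     completes_needed=1, marginals_needed=3, max_cert_depth=5):
    """Return {key: depth} for every key that becomes valid.

    signatures: {signed_key: set(signer_keys)}
    ownertrust: {key: ULTIMATE | FULL | MARGINAL | NONE}; missing keys are NONE

    Ultimately trusted keys are valid at depth 0. A key becomes valid at
    depth d+1 when, among its signers that are already valid at depth <= d,
    at least `completes_needed` carry full/ultimate ownertrust or at least
    `marginals_needed` carry marginal ownertrust. The walk runs max_cert_depth
    rounds, so a key that only reaches depth max_cert_depth is valid but
    never gets a further round in which its own certifications count.
    """
    trusted = (ULTIMATE, FULL, MARGINAL)
    valid = {k: 0 for k, t in ownertrust.items() if t == ULTIMATE}
    for depth in range(max_cert_depth):
        # Everything valid so far sits at depth <= `depth`, so every valid key
        # with some ownertrust may certify in this round.
        certifiers = {k for k in valid if ownertrust.get(k, NONE) in trusted}
        newly = {}
        for key, signers in signatures.items():
            if key in valid:
                continue
            active = signers & certifiers
            fulls = sum(1 for s in active if ownertrust[s] in (ULTIMATE, FULL))
            marginals = sum(1 for s in active if ownertrust[s] == MARGINAL)
            if fulls >= completes_needed or marginals >= marginals_needed:
                newly[key] = depth + 1
        if not newly:
            break
        valid.update(newly)
    return valid


def thread_scenario(shortcut_signatures):
    """Peter's picture with the default parameters (completes 1, marginals 3,
    max depth 5). Key names and the chain that puts A at level 4 are constructed.

    shortcut_signatures=False: only A (plus two constructed peers A2, A3 at
    the same level) certified B, so B lands at level 5.
    shortcut_signatures=True: C, D and E additionally sign B on A's word.
    """
    ownertrust = {
        "me": ULTIMATE,
        "P1": FULL, "P2": FULL, "P3": FULL,      # constructed chain to reach A
        "A": MARGINAL, "A2": MARGINAL, "A3": MARGINAL,
        "C": MARGINAL, "D": MARGINAL, "E": MARGINAL,
        "B": FULL,                               # assumed, so B's own certifications count
    }
    sigs = defaultdict(set)
    sigs["P1"].add("me")
    sigs["P2"].add("P1")
    sigs["P3"].add("P2")
    for k in ("A", "A2", "A3"):
        sigs[k].add("P3")                        # A, A2, A3 end up at level 4
    for k in ("C", "D", "E"):
        sigs[k].add("me")                        # C, D, E at level 1
    sigs["B"] |= {"A", "A2", "A3"}               # the only real verifications of B
    if shortcut_signatures:
        sigs["B"] |= {"C", "D", "E"}             # countersigning based on A's signature
    sigs["F"].add("B")                           # B goes on to certify F
    return compute_validity(dict(sigs), ownertrust)


if __name__ == "__main__":
    for shortcut in (False, True):
        v = thread_scenario(shortcut)
        print("shortcut" if shortcut else "honest  ",
              {k: v.get(k) for k in ("A", "B", "F")})
```

In the honest run B only becomes valid at level 5, the last round, so nothing B certified (F) is reachable. With C, D and E countersigning, the same single verification by A pulls B up to level 2 and F becomes valid at level 3, which is the "max cert depth effectively 8 instead of 5" effect from the message.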