On 22/03/16 13:21, Lachlan Gunn wrote: > All the pathfinders I've seen have been full-on HTML websites, is there > anything out there more suitable for scripting?
This doesn't help you one iota. The simple reason: trust is not transitive. If you want key A, which is 4 hops away from you, to become valid, you need to trust a key B that has signed it. So either you see among the people who signed key A someone you trust, or you don't. I'm pretty sure you would recognise the name of someone you trust. If you do see a name you recognise, key B, and who you trust, the task simply transfers from A to this B. Only if, on every hop along the path, there are people you recognise and trust, can you actually get valid keys that are several hops away. That trust is not transitive is not some quirk of the web of trust: it is fundamental. I might trust Carl, and Carl might trust Jenny, but if I don't know Jenny, I would not trust her, despite the fact that I trust someone who trusts her. Trust is personal and direct, not transitive. There is one exception: when you trust someone so much that you'd delegate the issue of trust to them. This is usually only done in specific, small communities and employer-employee relations, and is a "trust signature". They are hardly ever used. Note that the trust might be more built into the relationship than that you actually do trust your employer... ;) HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
