[13622] in cryptography@c2.net mail archive

RE: Keyservers and Spam

daemon@ATHENA.MIT.EDU (Pat Farrell)
Fri Jun 13 17:39:25 2003

X-Original-To: cryptography@metzdowd.com
Date: Fri, 13 Jun 2003 17:35:17 -0400
To: John Kelsey <kelsey.j@ix.netcom.com>, bear <bear@sonic.net>,
From: Pat Farrell <pfarrell@pfarrell.com>
Cc: dahonig@cox.net, <cryptography@metzdowd.com>
In-Reply-To: <>

At 11:56 AM 6/13/2003 -0400, John Kelsey wrote:
>At 10:27 AM 6/11/03 -0700, bear wrote:
>>That is the theory.  In practice, as long as the PGP "web of trust"
>The thing that strikes me is that the PGP web of trust idea is appropriate 
>for very close-knit communities, where reputations matter and people 
>mostly know one another.  A key signed by Carl Ellison or Jon Callas 
>actually means something to me, because I know those people.  But 
>transitive trust is just always a slippery and unsatisfactory sort of thing--

I may have missed it, but I thought that the web-o-trust model of PGP has
generally been dismissed by the crypto community
precisely because trust is not transitive.

Similarly, the tree-structured, hierarchical trust model has failed;
we currently have a one-level, not very trusted model with Verisign
or Thawte or yourself at the top.

I know from discussions with some of the SPKI folks that encouraging
self-defined trust trees was one of the goals.

Of course, if the size of the tree is small enough, you can just
use shared secrets.


Pat Farrell                     pfarrell@pfarrell.com

The Cryptography Mailing List