[15503] in cryptography@c2.net mail archive
Re: The future of security
daemon@ATHENA.MIT.EDU (bear)
Sun May 30 15:54:36 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 30 May 2004 12:36:53 -0700 (PDT)
From: bear <bear@sonic.net>
To: Russell Nelson <nelson@crynwr.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <16569.20087.36034.293440@desk.crynwr.com>
On Sat, 29 May 2004, Russell Nelson wrote:
>Eugen Leitl writes:
> > If I'm a node in a web of trust (FOAF is a human), prestige will
> > percolate through it completely. That way I can color a whole
> > domain with a nonboolean trust hue, while a domain of fakers will
> > have only very few connections (through compromises, or human
> > mistakes), which will rapidly sealed, once actually used to do
> > something to lower their prestige ("I signed the key of a spammer,
> > please kill me now").
>
>http://www.web-o-trust.org/
>
>The trouble is that it requires human action, which is expensive and
>becoming more expensive.
The bigger problem is that webs of trust don't work.
They're a fine idea, but the fact is that nobody keeps
track of the individual trust relationships or who signed
a key; few people even bother to find out whether there's
a path of signers that leads from them to another person,
or whether the path has some reasonably small distance.
I have not yet seen an example of "reputation" favoring
one person over another in a web of trust model; it looks
like people can't be bothered to keep track of the trust
relationships or reputations within the web.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
