On 05/12/2018 06:09 PM, franek.wiertara wrote: > Hi > > I am sorry if you find my comment a little less understanding. English > is not my first language. Hopefully, I have described my problem clearly > enough :) > > I have two problems. > 1. I am not entirely sure what exactly marginally valid keys do and when > they become marginally valid. I thought keys would either be valid or not!
marginally trusted isn't valid, the threshold is set using --marginals-needed n Number of marginally trusted users to introduce a new key signer (defaults to 3) i.e you need 3 signatures by default on a keyblock/uid for it to be treated as valid, if you don't have that it isn't. > 2. I am also not fully confident in understanding Web of Trust. I have > just got some bits today :) > > I realised, after reading the The GNU Privacy Handbook, if a key becomes > valid due to the Web of Trust or signed personally, it can "participate" > in validation of next keys, depending on my trust. What exactly happen > if a key is marginally valid? marginally valid -> not valid -> trust level doesn't matter (excluding ultimate trust that isn't to be used for other people's keys in these scenarios anyways) > > I also provided some scenarios based on the website and an example of a > network: > > .---> Blake ---. > / \ > Alice --- ---> Chloe ---> Elena ---> Geoff > \ / \ > *---> Dharma --* \ > \ \ > *----------->*---> Francis. > > Let's say Blake's and Dharma's keys are always valid because they are > signed by Alice. In case any of those keys are fully trusted, Chloe's > and Francis' keys will be fully validated. If Both Blake's and Dharma's > keys are marginally trusted, Chloe's key will be still fully validated > but Franci's will only be marginally validated. For Chloe's key to be validated in this scenario you'd require a direct path from Alice since there isn't 3 marginally trusted signatories (unless you introduce one from outside the schema). > > Now, when Chloe's key is fully valid, what happen to Elenaa's key? Will > it become a fully or marginally valid key? I think it depends on whether > I fully or marginally trust Chloe's key. Presuming Chloe's key is valid, yes, what happens down the chain depends on the trust level of this keyblock. > > There is lot of situations when keys can become marginally valid. I am > guessing, marginal validation sort of blocks a further validation on the > path. I am wondering why we are not simply to say that a key can be Blocks, how? > either valid or not? What am I missing? What is the consequence of a > marginal validation? It has the potential of becoming valid if signed by more marginally trusted people (or directly by someone with full trust) > > Thanks > > PS. For the example, I followed the assumptions from the website: "... > two marginally-trusted keys or one fully-trusted key is needed to > validate another key. The maximum path length is three." > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- "If you are successful, you may win false friends and true enemies. Succeed anyway." (Mother Teresa)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users