On Tue 2025-05-06 23:04:40 +0200, Simon Josefsson wrote: > Daniel Kahn Gillmor via Gnupg-devel <[email protected]> writes: > >> - I generally expect WoT calculations to be cumulative or additive in >> some sense. > > I think that may be a fundamental problem.
I should probably have said "potentially corroborative" or something. I
didn't mean to imply that every additional certification *must* increase
calculated validity, only that i don't expect additional certifications
to *reduce* validity.
In your discussion below, i think you're using the term "trust" to mean
both "calculated validity" (how much do i believe this certificate
belongs to the claimed User ID?) and "assigned ownertrust" (how much am
i willing to rely on cryptographic identity certifications made by this
key?)
In your sharp observation i think you're talking about the "validity" of
two *different* names associated with a single underlying cryptograpic
identity.
> So I don't think identity trust calculations must generally always be
> additive when given more information.
Right, i can see how that is an interesting counter-point: two mutually
conflicting identity assertions about the same underlying principal
should make either identity assertion *less* confident than it was
before.
I don't know of any WoT implementation that includes this kind of
heuristic, but i can see why it might be desirable.
For the sake of the discussion here though, i was talking about how to
think about certifications that all *agree* on the uid+key binding
(validity), but maybe differ in degree of trust asserted.
I had worked from the following observations:
- three certifications from "marginally trusted" certifiers add up to
full calculated validity for the subject.
- a certification from a "fully trusted" certifier *also* endows the
subject with full calculated validity.
- one certification from a "fully trusted" certifier plus another
certification from a "marginally trusted" certifier *also* endows the
subject with full calculated validity. (i think -- i'm realizing now
that i haven't explicitly tested this claim which i thought was
non-controversial)
- a "full" tsig at depth N results in the subject being a fully-trusted
certifier with depth N-1.
From the above, i'd assumed that
- the one "marginal" tsig at depth N plus one "full" tsig at identical
depth N would result in a fully-trusted certifier with depth N-1.
But this last thing appears to not be the case.
--dkg
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
