Hi! Robert J. Hansen schrieb: >> Think of it this way. Let's say you don't trust Google for some reason. >> Then you go to https://mail.google.com, and verify that the SSL >> certificate is correct, so you can be sure your not on a phishing site. >> Would you now claim that the site isn't authentic, just because you don't >> trust Google? > > Darn right I wouldn't. > > If I had good reason to believe Google was up to something nefarious, > there is nothing in heaven or earth that would cause me to say "yes, > that site is authentic." > > Trust is the ultimate dealbreaker. Always has been, always will be.
I think, it is is undefined what it means / should mean that "a site is authentic" here. 1) If it means "the site contents are created by a particular firm", it is not necessary to trust that firm in any way to deem the site "authentic". 2) If it means that the site content is harmless or the owner treats personal data well or something like that, trust in the owner would be required (in addition to trust in the ownership as such, as defined in 1). It is the same with "trusting" keys in GnuPG. Trust, in this case, only means that the key belongs to a particular person (by inductive reasoning as you explained very nicely). The person itself could be a total a**h**e but that would not prevent trust in the key. It would not even prevent the GnuPG concept of "ownertrust". If I know that said a**h**e, despite of his other attitudes, always takes utmost care in verifying other people's keys, I can assign an appropriate ownertrust. There can also be some people that I really, really trust personally but that are totally clueless about the correct verification procedures when signing other people's GnuPG keys. In fact, I know some. So, despite that I trust them, I did not assign any ownertrust to their GnuPG keys (it's not that they would sign many keys anyway...). As another point, think of codesigning-certificates. Just because, e.g., an ActiveX control is signed, it does not mean that it is safe, or whatever property one would like to claim about its contents/functions. It only means that it was created by the certificate owner and not manipulated by a third party. Summarizingly, we must note that GnuPG, SSL certificates or cryptography as a whole can only help with point 1) mentioned above. Everything beyond "proof of ownership/creation" is more of a social issue that cannot be solved by crypto. However, it is impossible to do reasoning about the contents themselves, if the ownership isn't established first. cu, Sven _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users