Re: Are you strongly connected? A Debian keyring analysis
On pe, 2003-07-18 at 13:56, Sam Hocevar wrote: >There must be connected groups amongs the keys not in the biggest > group, could you maybe show these groups as well? It would give us a > better idea of who to hunt for a signature. There are, but they are very small and few -- less than a dozen keys, and only half a dozen of them or so. I thought it would be better to keep the list of keys outside the big set simple. -- Enemies of Carlotta 1.0 mailing list manager: http://liw.iki.fi/liw/eoc/
Re: Are you strongly connected? A Debian keyring analysis
On Fri, Jul 18, 2003, Lars Wirzenius wrote: > It would be good to have all keys in the Debian keyring in a strongly > connected set, i.e., so that there is a signature path from every key to > every other key in the keyring. There must be connected groups amongs the keys not in the biggest group, could you maybe show these groups as well? It would give us a better idea of who to hunt for a signature. -- Sam.
Are you strongly connected? A Debian keyring analysis
I did a new brief analysis of the Debian keyring to see how big the strongly connected set of keys is at the moment, just before the big keysigning at DebConf3. The results are at http://liw.iki.fi/liw/debian/ It would be good to have all keys in the Debian keyring in a strongly connected set, i.e., so that there is a signature path from every key to every other key in the keyring. This is probably impossible in practice, but it would be good to be as close as possible. Also, it helps to have the signature paths as short as possible. This also improves the quality of the web of trust. At the moment, the big strongly connected set has a median path length of five and a longest shortest path between any two keys of twelve. -- Enemies of Carlotta 1.0 mailing list manager: http://liw.iki.fi/liw/eoc/
Re: Debian keyring analysis
On Fri, 07 Feb 2003, Lars Wirzenius wrote: > ti, 04-02-2003 kello 23:49, Peter Palfrader kirjoitti: > > On Tue, 04 Feb 2003, Lars Wirzenius wrote: > > > > > I was bored at work today, and wrote a quick-and-dirty Python script for > > > analyzing the Debian keyrings. > > > > You are awayre of http://people.debian.org/~weasel/weboftrust/ ? > > Nope, I wasn't, thanks for the link. If I understood correctly, that > page lists statistics for the which keys in the strongly connected set > are closer to other keys than others. It doesn't explicitly list the > keys that are not in the strongly connected set. Not yet. I've wanted to do this for a long time but never got around. And Martin stopped kicking me about it as well :). > I'm not very good at GPG/PGP web-of-trust things. Would it be good to > try to include all keys in Debian's keyring in the strongly connected > set? This should strengthen they web-of-trust within Debian, yes? Yes and Yes. cu Peter -- PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred.| : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `-http://www.debian.org/ pgpojmdtoRofZ.pgp Description: PGP signature
Re: Debian keyring analysis
ti, 04-02-2003 kello 23:49, Peter Palfrader kirjoitti: > On Tue, 04 Feb 2003, Lars Wirzenius wrote: > > > I was bored at work today, and wrote a quick-and-dirty Python script for > > analyzing the Debian keyrings. > > You are awayre of http://people.debian.org/~weasel/weboftrust/ ? Nope, I wasn't, thanks for the link. If I understood correctly, that page lists statistics for the which keys in the strongly connected set are closer to other keys than others. It doesn't explicitly list the keys that are not in the strongly connected set. I'm not very good at GPG/PGP web-of-trust things. Would it be good to try to include all keys in Debian's keyring in the strongly connected set? This should strengthen they web-of-trust within Debian, yes?
Re: Debian keyring analysis
On Tue, 04 Feb 2003, Lars Wirzenius wrote: > I was bored at work today, and wrote a quick-and-dirty Python script for > analyzing the Debian keyrings. You are awayre of http://people.debian.org/~weasel/weboftrust/ ? yours, peter -- PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred.| : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `-http://www.debian.org/ pgpjCP4U7ogxO.pgp Description: PGP signature
Re: Debian keyring analysis
Hi, Am Die, 2003-02-04 um 20.38 schrieb Lars Wirzenius: > I'm sure many of them could be strongly connected with little effort. I would suggest to put in the new maintainer key singing text that theh new maintainer should also sign the person's key that signs the nm's key. I forgot to ask the person that signed my key to bring his fingerprint, so now my key is (probably) reachable from most debian keys, but I can't "reach" any of those keys. So I would recommend to explicitly recommend to sign keys boths ways when having a new maintainer getting his key signed. Joachim (Before you wonder why my key is not in the debian keyring: I'm sill in the nm process) -- Joachim Breitner e-Mail: [EMAIL PROTECTED] | Homepage: http://www.joachim-breitner.de JID: [EMAIL PROTECTED] | GPG-Keyid: 4743206C | ICQ#: 74513189 Geekcode: GCS/IT/S d-- s++:- a--- C++ UL+++ P+++ !E W+++ N-- !W O? M?>+ V? PS++ PE PGP++ t? 5? X- R+ tv- b++ DI+ D+ G e+>* h! z? Terrorists can take my life. Only the government can take my freedom. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Debian keyring analysis
I was bored at work today, and wrote a quick-and-dirty Python script for analyzing the Debian keyrings. Specifically, I wanted to know how strongly connected the keys in Debian's keyring are. A strongly connected set of keys is such where all keys in the set are reachable via signatures from all other keys in the set. Thus, if A signs B, and B signs A and C, but C doesn't sign anything, then A and B form a strongly connected set (A is reachable from B and B is reachable from A), but C is not included in that set (C is reachable from B, but not vice versa). Anyway, according to this version of the script, we have one large strongly connected set (769 keys), a few smaller ones, and 487 single, unconnected keys: sets keys in set 487 1 14 2 2 3 1 4 2 5 1 7 1 769 I'm not sure these results are useful, but it might be worthwhile to think about whether more keys should be in the strongly connected set. I'm sure many of them could be strongly connected with little effort. For example, my new key is signed by my old key which used to be in the keyring, but since the old key has been removed there is now no strong connection between my new key and the big strong group. (I'll rectify this by signing Richard Braakman's key, or something.) Script and results are at http://liw.iki.fi/liw/temp/keyring/ The keyrings were fetched via rsync from keyring.debian.org today.