[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Transitive trust and MLM



From:	IN%"[email protected]"  "Hal"  7-MAY-1996 18:58:41.28

>Unfortunately we are left with a choice between three not very good
>possibilities: accept transitive trust and hierarchical key CA
>structures; use very flat hierarchies where one signer validates huge
>numbers of keys; or accept that only a small number of keys can be
>validated by key signatures.  I think all these are troublesome and in
>fact it makes me question the whole notion of key signatures.

	I think the web-of-trust without transitivity of _some_ trust is too
limited. If a lot of completely-trusted key signators have signed a key, and
that person's key is self-signed and has signed the keys of those key
then keys signed with that person's key are significantly more likely to be
good than those without this signature. I wouldn't count the person as a
completely-trusted signator, but I wouldn't count them at 0 either.
	However, the above is just my opinion. Have any studies been done of
the likelihood of a key to be later discovered to not match up to the claimed
nym? I suspect there isn't adequate data as yet, but it could still be a good
thing to check.
	-Allen