Re: Transitive trust and MLM

[eli+@GS160.SP.CS.CMU.EDU]

In article <+cmu.andrew.internet.cypherpunks+UlYwNe:00UfAM107VG@andrew.cmu.edu>
EALLENSMITH@ocelot.Rutgers.EDU writes:
>	The different paths going through those different signatures will be
>correlated/non-independent, yes.... but that isn't the problem unless you're
>considering multiple paths (in a more complicated version).

To determine key validity, you do have to consider all paths.  If a
single trusted path to the bad key exists, the attacker wins.

>	IIRC, there have been some sociological studies showing that _everyone_
>is linked through 6 or so people.

Milgram's "small world" experiments used a much looser sort of "link"
than we want here.  It would be certainly interesting to know how
large a difference this makes.

> Now, there's the question of whether you _need_ to be linked to everyone - 
> [...] I see nothing wrong (and am in favor of) separation of the
> elite from the masses.

Gee, let me guess which group you're in... I'll go with "people I want
to talk to" versus "people I don't want to talk to", thanks.

It's true that you don't need to talk to everybody.  The problem is
that I might want to talk to people whom I don't know personally, but
know by reputation, or by function ("DEA Rat Hotline" -- well, maybe
not).

-- 
. Eli Brandt                                        usual disclaimers .
. eli+@cs.cmu.edu                                  PGP key on request .
. violation of 18 U.S.C. 1462:                                  "fuck".