[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: trust problem
From: Ingo =?iso-8859-1?q?Kl=F6cker?= <ingo.kloecker () epost ! de>
Date: 2004-01-01 12:51:08
Message-ID: 200401011351.17061 () erwin ! ingo-kloecker ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Wednesday 31 December 2003 01:41, David Shaw wrote:
> The "PGP" model is the one based on Maurer. The idea is that each
> signature has a numeric value embedded in it, and validity is a
> function of that value. So if A signs a user ID on B with 100
> points, and A is fully valid, then B has 100 points. B can then sign
> a user ID on C, but can only use 100 points to do it (if B signs with
> 200 points, C only gets 100 of them). By convention, 60 points is
> equivalent to the classic trust model's "partial trust", and 120
> points is equivalent to "full trust". The signature can also have
> the number of levels the points may travel, and a regular expression
> to match user IDs on which the points may travel. Thus you can make
> signatures that say such things as "I sign B's user ID, but I only
> trust B enough to make people partially trusted and only for people
> at aol.com. All trust must stop after 2 hops.".
I guess everything after the "[...], but" is not incorporated into the
signature but is part of the local trust database. Correct? Now I
wonder how I can specify "I only trust B enough to make people
partially trusted and only for people at aol.com". Is it correct that
the first part "partially trusted" can be achieved by assigning
"marginal trust" to a key owner (gpg --edit-key trust)? How can I
assign a regexp?
Regards,
Ingo
[Attachment #5 (application/pgp-signature)]
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic