ietf-openpgp

Re: key flags -- what do they mean?

1999-03-11 15:09:51
At 12:37 AM 3/11/99 GMT, Adam Back wrote:

|xx01 you can use this cert in the calculation of validity for
|certification purposes but not for document signatures; odd because
|certification is generally considered a more security critical operation
|than document signature.
|

Not if it's a key to be used for certification only. If someone were to
make a CA, that might be a reasonable thing to do. I just searched
certserver.pgp.com for all keys with the word "certification" in them. It
maxed out and sent me only 48 keys. 

|Overall the flags seem to be very CA centric.  The certify flag (when
|set to zero) has negative impact on the WoT, though perhaps a CA might
|be interested to use them to prevent people who had not paid the CA
|for a certificate having their WoT connectivity strengthened by the
|CA's efforts.  As the user of a key so certified, one derives more
|security (better WoT connections) by ignoring the fact that the flag
|is set to zero.

There's a reason they are CA-centric. They were requested by people
building CAs.

I'll say it again. There is no web of trust in OpenPGP. There is no
mandated trust model in OpenPGP. The working group EXPLICITLY shot down the
notion that there should be a trust model, and that the semantic mechanisms
be left to the discretion of the implementer.

|
|The sign flag (when set to zero, which only makes sense to do if the
|certify flag set to one) is a bit odd.  As the user of a key so
|certified, one derives more security (better WoT connections) by
|ignoring the fact that the key is set to zero!
|

I agree with you completely that there will be many cases where third-party
statements will be ignored, or even met with derisive laughter. If we look
at Alice making statements about Bob's key, unless I know who Alice is (she
may be just a 64-bit keyid to me), and actually care, I'm not likely to
even look at the contents of her signature, let alone try to interpret it.

I also agree that in the vast majority of cases, third-party statements are
silly. We haven't even discussed the other two defined flags -- the "secret
shared" flag and the "escrowed" flag. However, there are cases in which
these are useful. Let me give an example:

The Aluminum Bavariati, a secret society of 144,000 members, wants all its
members to use OpenPGP. The AB secret masters will sign each Bavariati
member's keys so that other members will know they're dealing with a fellow
Bavariatus. The Bavariati policy, though, is that they believe the
organization should use single-key RSA keys, and a separate key for comm
encryption, storage encryption, and signatures. They don't want any of
those keys used for key signing. They don't care which keys you use for
what on non-Bavariati business. These flags are exactly what the society
needs. You and I don't need them, but they serve a purpose that can't be
served without them.

        Jon


-----
Jon Callas                                  jon(_at_)pgp(_dot_)com
CTO, Total Network Security                 3965 Freedom Circle
Network Associates, Inc.                    Santa Clara, CA 95054
(408) 346-5860                              
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
              665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)
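As an added example, not part of the original message or of any OpenPGP implementation: the RFC 2440 key-flags subpacket (type 27) decoded in Python, plus a checker for the single-purpose member-key policy from the Bavariati example above. The role names, key labels and the exact policy rules are my reading of the post, not anything the post or the RFC defines.

```python
# Added example (not from the original post). Bit values of the first
# key-flags octet as defined in RFC 2440 section 5.2.3.21.
CERTIFY = 0x01    # may be used to certify other keys
SIGN = 0x02       # may be used to sign data
ENC_COMM = 0x04   # may be used to encrypt communications
ENC_STORE = 0x08  # may be used to encrypt storage
SPLIT = 0x10      # private component may have been split by secret sharing
GROUP = 0x80      # private component may be held by more than one person

# Role names are this example's own labels, not RFC terminology.
FLAG_NAMES = {CERTIFY: "certify", SIGN: "sign", ENC_COMM: "encrypt-comms",
              ENC_STORE: "encrypt-storage", SPLIT: "secret-shared",
              GROUP: "group-held"}

def decode_key_flags(body: bytes) -> set:
    """Return the flag names set in a key-flags subpacket body.
    Only the first octet is defined by RFC 2440; later octets are ignored."""
    if not body:
        return set()
    return {name for bit, name in FLAG_NAMES.items() if body[0] & bit}

def encode_key_flags(flags: int) -> bytes:
    """Build the one-octet body behind the post's 'xx01'-style notation."""
    return bytes([flags & 0xFF])

def usable_for(body: bytes, purpose: str) -> bool:
    """The 'certification yes, document signature no' decision from the post:
    a key is usable for a purpose only if the matching flag is set."""
    return purpose in decode_key_flags(body)

# Bavariati policy as read from the post: single-key RSA keys, one each for
# comm encryption, storage encryption and signatures, none of them certifying.
MEMBER_ROLES = ("encrypt-comms", "encrypt-storage", "sign")

def check_member_keys(keys: dict) -> list:
    """keys maps a key label to its key-flags body. Returns the list of
    policy violations; an empty list means the member's key set conforms."""
    problems = []
    for label, body in keys.items():
        flags = decode_key_flags(body)
        roles = [r for r in MEMBER_ROLES if r in flags]
        if "certify" in flags:
            problems.append(f"{label}: certify flag set; member keys may not sign keys")
        if len(roles) != 1:
            problems.append(f"{label}: expected exactly one role, got {roles or 'none'}")
    for role in MEMBER_ROLES:
        if not any(usable_for(b, role) for b in keys.values()):
            problems.append(f"no key flagged {role}")
    return problems

if __name__ == "__main__":
    # Constructed sample: a conforming member key set prints [].
    member = {"comm": encode_key_flags(ENC_COMM),
              "storage": encode_key_flags(ENC_STORE),
              "sig": encode_key_flags(SIGN)}
    print(check_member_keys(member))
```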