On Thu, Mar 26, 2015 at 2:46 PM, Brian Sniffen <bsniffen(_at_)akamai(_dot_)com>
Phillip Hallam-Baker <phill(_at_)hallambaker(_dot_)com> writes:
On Wed, Mar 25, 2015 at 6:25 PM, Christoph Anton Mitterer
On Wed, 2015-03-25 at 22:56 -0500, Phillip Hallam-Baker wrote:
Web of Trust is a fine academic
theory but it is not how OpenPGP is really used in the real world.
How else do you use it?
I see people using fingerprints directly mostly. Some download them
from key servers.
By Web of Trust I mean actually following a chain to check a key.
I walked a colleague through doing that today: she needs to send me a
secret, and I can't take time to call her and read a fingerprint.
Fortunately, my key had been signed by many other colleagues, and she
had trusted keys from a few of them. It worked exactly as designed.
Hey, S/MIME works fine with the 'call a friend' option as well :-)
If we could get PGP up to critical mass then the web of trust is
potentially a 'viral marketing' feature. Until we reach critical mass,
viral marketing means 'chicken and egg'.
As far as OpenPGPvnext goes, I would focus first on getting the
message and fingerprint formats revised and seeing what we can do to
eliminate 'needless' variation between S/MIME and OpenPGP.
Back when I was working on the Web at CERN I told Tim Berners-Lee that
we should kill the SGML bit and write our own document format
language. At that point we had about a million users. Tim replied that
the reason he adopted SGML was because he wanted to get buy in from
the publishing industry and they were committed to SGML. So I should
At this point we can tolerate two message formats. But remember that
any mail encryption scheme that can emit CMS can send an encrypted
message to 1 billion email users using their existing clients. So even
though I despise ASN.1, I will write code that will do just that. And
come to that it seems most OpenPGP implementations have as well.
It's similarly helpful for new peole joining that group---new staff, in
that case. This is just an anecdote, of course, but so is "I have
never...". I expect there are little cells of WoT usage scattered
around, and little cells of blind trust, and little cells of
read-the-fingerprint---when strangers meet.
The draft I mentioned earlier describes an approach to joining those
cells up together.
No, I think there are quite a few things that we can do today that
change the WoT game. People carry smart phones with near field
communication, barcode, cameras. So signing can be made a lot simpler.
I would be interested to see a tag on keysignatures. That would let me
play with automatic signatures and such without polluting the WoT. I
don't directly see how to do this---is this what "Key Endorsements" are
Yep, I don't actually rate a keysignature as being worth anything
until it is enrolled in a TRANS like log.
There are some really fun things we could do in future on the trust
model side. But I think we need to decruft the base OpenPGP first.
openpgp mailing list