[Top] [All Lists]

Re: Chain of Trusted Forwarders

2005-05-29 20:12:25

At 12:07 -0400 on 05/29/2005, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote about Re: Chain of Trusted Forwarders:

Congrats.  You've re-invented the PGP Web Of Trust, although usually people
don't bother doing the extra step of running credit and police records.  The
fact is that the PGP Public Keyserver system has only several million e-mail
addresses in it, and only some 100K (last I checked) in the "well connected
set" (meaning keys that *have* done this sort of thing enough to be
identifiable to anybody else in the set).

That number is dropping fast due to the new PGP Key server code that drops any signature from a uploaded key if it is not already on the server. IOW: If A has had his/her key signed by B, C, and D, these signatures will get stripped off when stored on the server unless B, C, and D has uploaded their keys to the Server. To get an accurate key onto the server, A must reload his/her key again after B, C, and D (who must also reupload so the copies signed by the others is the "official" copy that is stored.

<Prev in Thread] Current Thread [Next in Thread>