1996-05-11 - Re: Transitive trust

Header Data

From: Ray Arachelian <sunder@dorsai.dorsai.org>
To: Steve Reid <root@edmweb.com>
Message Hash: acb66c3225c788de1d56d691571cabe1970534353df0802f3a41c6dad2db2c65
Message ID: <Pine.SUN.3.91.960509213411.632B-100000@dorsai>
Reply To: <Pine.BSF.3.91.960508152010.283A-100000@bitbucket.edmweb.com>
UTC Datetime: 1996-05-11 01:17:22 UTC
Raw Date: Sat, 11 May 1996 09:17:22 +0800

Raw message

From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Sat, 11 May 1996 09:17:22 +0800
To: Steve Reid <root@edmweb.com>
Subject: Re: Transitive trust
In-Reply-To: <Pine.BSF.3.91.960508152010.283A-100000@bitbucket.edmweb.com>
Message-ID: <Pine.SUN.3.91.960509213411.632B-100000@dorsai>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 May 1996, Steve Reid wrote:

> When you sign a key, you are placing your reputation on the line, so you 
> must be certain that the level of trust you're placing is appropriate. 
> But what happens when someone goes rogue and ignores credentials, and 
> signs keys of anyone who is willing to pay the price? You would regret 
> signing the rogue person's key. So, IT SHOULD BE POSSIBLE TO REVOKE 
> TRUST, in order to protect your own reputation.

> PGP currently only allows a person to revoke their own key. Most people 
> would revoke their key if it were stolen, to protect their own 
> reputation. However, some people may be unwilling or unable to revoke 
> their own key, and if you signed that key, your reputation may be 
> affected. Clearly, it should be possible to remove your signature from 
> someone's key.


But it is - it's a pain in the ass, but you can always revoke your own 
key and generate a new one, then sign everyone's keys whom you've signed 
as trusted, EXCEPT the one you wish to revoke.
 
> What it all comes down to is reputation. Protect your reputation, and 
> you could make a living on your reputation alone.

Ah, but first you have to build yourself a reputation before you can live
off it alone.  :) That includes doing cool things other than building
reputations by signing keys.


==========================================================================
 + ^ + |  Ray Arachelian |FH|       KAOS KERAUNOS KYBERNETOS      |==/|\==
  \|/  |sunder@dorsai.org|UE|__Nothing_is_true,_all_is_permitted!_|=/\|/\=
<--+-->| --------------- |CC|What part of 'Congress shall make no |=\/|\/=
  /|\  |    Just Say     |KD|law abridging the freedom of speech' |==\|/==
 + v + | "No" to the NSA!|TA|        do you not understand?       |=======   
===================http://www.dorsai.org/~sunder/=========================
Obscenity laws are the crutches of inarticulate motherfuckers-Fuck the CDA






Thread