1996-03-08 - Re: Web of Trust vs other models

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 1f1dbde267795840e38a42a7af2f886c725432da469f05fef92b4ead62db8e7e
Message ID: <199603041818.KAA27672@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1996-03-08 21:57:13 UTC
Raw Date: Sat, 9 Mar 1996 05:57:13 +0800

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Sat, 9 Mar 1996 05:57:13 +0800
To: cypherpunks@toad.com
Subject: Re: Web of Trust vs other models
Message-ID: <199603041818.KAA27672@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Bill Stewart <stewarts@ix.netcom.com>
> 
> Meanwhile, Don Kitchen at one point collected all the data off the
> MIT keyserver for analysis, which is a much different problem than
> random signatures.  I found that the chain from some middle point,
> such as Phil Zimmermann's or Derek Atkins's key was about 12-14 levels
> deep, averaging about 6, which compares interestingly with the
> default PGP depth limit of4.  From my key, it was pretty deep,
> especially since my certification from Phil Karn was from one of
> his older keys, which is why I asked Derek to sign my key...

Let's not forget that the web of trust only works if you personally
know and trust the next-to-last person in the chain (the one who signed
the key you are interested in).  Chain length doesn't matter if you've
never heard of the last signer.

Hal





Thread