From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 10 May 1996 22:44:32 +0800
To: raph@cs.berkeley.edu
Subject: Re: Transitive trust and MLM
Message-ID: <01I4IICIVOMA8Y5BAX@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"raph@cs.berkeley.edu"  "Raph Levien"  8-MAY-1996 23:28:14.30

>   Now we can actually evaluate the probability of a given key being
>good. Consider a Monte Carlo process in which each edge in the graph is
>present with probability 1-p. For each run, we determine whether the
>recipient's public key (actually the binding between public key and
>recipient's e-mail address) is reachable from our trust root. The
>probability over a large number of runs is (given our assumptions) the
>probability of the key being good.
>   One encouraging consequence of this model is that densely connected
>subgraphs can result in highly trusted keys even if p itself is quite
>small. In a clique of size k, the trust is (very) roughly 1-(1-p)^k. For
>example, if p is a mere 50%, then in a clique of size 10, each key in
>the clique is trusted with a probability of 99.9%.

	Hmm.... I've got the problem with this that the measure you're using
is really good for creating an _upper bound_ for how trustworthy a given key
is - not for how trustworthy it actually is. In other words, a key that has
your, Lance Cottrell (sp?), Black Unicorn's, and TCMay's signatures on it is
pretty reliably determined (at least to me) as being that of whom they say it
is - but that isn't equivalent to how good the person is at determining other
key linkages. It's an upper bound on how good the person is - if you don't
trust a key as not having been compromised (due to a lack of key signatures),
you aren't going to rate it highly as an introducer.
	The interesting question is what relation to this upper bound (and to
other characteristics of the web, such as the degree of mutual signatures in a
chain) the actual introducer trustworthiness has.
	-Allen