The future of security
bear
bear at sonic.net
Sun May 30 15:36:53 EDT 2004
On Sat, 29 May 2004, Russell Nelson wrote:
>Eugen Leitl writes:
> > If I'm a node in a web of trust (FOAF is a human), prestige will
> > percolate through it completely. That way I can color a whole
> > domain with a nonboolean trust hue, while a domain of fakers will
> > have only very few connections (through compromises, or human
> > mistakes), which will rapidly sealed, once actually used to do
> > something to lower their prestige ("I signed the key of a spammer,
> > please kill me now").
>
>http://www.web-o-trust.org/
>
>The trouble is that it requires human action, which is expensive and
>becoming more expensive.
The bigger problem is that webs of trust don't work.
They're a fine idea, but the fact is that nobody keeps
track of the individual trust relationships or who signed
a key; few people even bother to find out whether there's
a path of signers that leads from them to another person,
or whether the path has some reasonably small distance.
I have not yet seen an example of "reputation" favoring
one person over another in a web of trust model; it looks
like people can't be bothered to keep track of the trust
relationships or reputations within the web.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list