X.509 / PKI, PGP, and IBE Secure Email Technologies

Ed Gerck edgerck at nma.com
Fri Dec 16 13:11:28 EST 2005


James A. Donald wrote:
>     --
> From:           	Werner Koch <wk at gnupg.org>
>> You need to clarify the trust model.  The OpenPGP
>> standard does not define any trust model at all.  The
>> standard merely defines features useful to implement a
>> trust model.
> 
> "Clarifying the trust model" sounds suspiciously like
> designers telling customers to conform to designer
> procedures.  This has not had much success in the past.
> 
> People using PGP in practice verify keys out of band,
> not through web of trust.

James,

Yes. Your observation on out-of-band PGP key verification
is very important and actually exemplifies what Werner
wrote. Exactly because there's no trust model defined
a priori, users can choose the model they want including
one-on-one trust.

This is important because it eliminates the need for a
common root of trust -- with a significant usability
improvement.

If the web of trust is used, the sender and recipient must
a priori trust each other's key signers, requiring a
common root of trust -- that may not even exist to begin
with.

So, instead of worrying about what trust model PGP uses,
the answer is that you can use any trust model you want --
including a hierarchical trust model as used with X.509.

Jon Callas and I had several conversations on trust in
May '97, when Jon visited me for two weeks while I was
in Brazil at the time, I think before the OpenPGP WG was
even working on these issues. This is one of the comments
Jon wrote in a listserv then, with a great insight that
might be useful today:

   As I understand it, then, I've been thinking about some
   of the wrong issues. For example, I have been wondering
   about how exactly the trust model works, and what trust
   model can possibly do all the things Dr Gerck is claiming.
   I think my confusion comes from my asking the wrong
   question. The real answer seems to be, 'what trust model
   would you like?' There is a built in notion (the
   'archetypical model' in the abstract class) of the meta-
   rules that a trust model has to follow, but I might buy a
   trust model from someone and add that, design my own, or
   even augment one I bought. Thus, I can ask for a
   fingerprint and check it against the FBI, Scotland Yard,
   and Sûreté databases, check their PGP key to make sure
   that it was signed by Mother Theresa, ask for a letter of
   recommendation from either the Pope or the Dalai Lama
   (except during Ramadan, when only approval by the Taliban
   will do), and then reject them out of hand if I haven't had
   my second cup of coffee.

Cheers,
Ed Gerck


