gnutls-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] OpenPGP Keys

From: Ludovic Courtès
Subject: Re: [gnutls-dev] OpenPGP Keys
Date: Thu, 19 Apr 2007 14:32:22 +0200
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) 
Hi,

Timo Schulz <address@hidden> writes:

> See above. In GPG it is a value from 1 to 5 to the question:
>
> "how far you trust the owner of the key to correctly verify other keys"
>
> 1 = don't know or won't say
> 2 = do not trust
> 3 = trust marginally
> 4 = trust fully
> 5 = trust ultimate
>
> (5 is mostly useful for key pairs, other applications call it
>  "implicit trust")

Simon Josefsson <address@hidden> writes:

> I still do not understand if this is a OpenPGP or GnuPG concept.  If
> it is a GnuPG concept, and there is no equivalent OpenPGP concept to
> solve the same problem, I'm not sure we should use it.

This seems to be a GnuPG feature [0], not an OpenPGP thing.

It tells whether you consider the owner of the public key to be a
"trusted introducer", i.e., someone who makes careful key ownership
verifications before signing somebody else's key.

This is used to estimate the trustworthiness of a certificate based on
the signatures it contains, in a pure web-of-trust fashion (see the
example in [1]).

RFC 2440 defines no such thing AFAICS.  Nevertheless, this may be a
useful tool for GnuTLS, too (see the discussion on `help-gnutls').

Thanks,
Ludovic.

[0] http://www.gnupg.org/gph/en/manual.html#AEN346
[1] http://www.gnupg.org/gph/en/manual.html#AEN385
reply via email to
[Prev in Thread] Current Thread [Next in Thread]