From: IN%"hfinney@shell.portal.com" "Hal" 7-MAY-1996 18:58:41.28
Unfortunately we are left with a choice between three not very good possibilities: accept transitive trust and hierarchical key CA structures; use very flat hierarchies where one signer validates huge numbers of keys; or accept that only a small number of keys can be validated by key signatures. I think all these are troublesome and in fact it makes me question the whole notion of key signatures.
I think the web-of-trust without transitivity of _some_ trust is too limited. If a lot of completely-trusted key signators have signed a key, and that person's key is self-signed and has signed the keys of those key then keys signed with that person's key are significantly more likely to be good than those without this signature. I wouldn't count the person as a completely-trusted signator, but I wouldn't count them at 0 either. However, the above is just my opinion. Have any studies been done of the likelihood of a key to be later discovered to not match up to the claimed nym? I suspect there isn't adequate data as yet, but it could still be a good thing to check. -Allen