Web of Trust vs other models
Hal
hfinney at shell.portal.com
Fri Mar 8 13:57:13 PST 1996
From: Bill Stewart <stewarts at ix.netcom.com>
>
> Meanwhile, Don Kitchen at one point collected all the data off the
> MIT keyserver for analysis, which is a much different problem than
> random signatures. I found that the chain from some middle point,
> such as Phil Zimmermann's or Derek Atkins's key was about 12-14 levels
> deep, averaging about 6, which compares interestingly with the
> default PGP depth limit of4. From my key, it was pretty deep,
> especially since my certification from Phil Karn was from one of
> his older keys, which is why I asked Derek to sign my key...
Let's not forget that the web of trust only works if you personally
know and trust the next-to-last person in the chain (the one who signed
the key you are interested in). Chain length doesn't matter if you've
never heard of the last signer.
Hal
More information about the cypherpunks-legacy
mailing list