[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Requesting your thoughts on a web of trust scheme

From: Robert J. Hansen
Subject: Re: [Sks-devel] Requesting your thoughts on a web of trust scheme
Date: Fri, 09 Dec 2011 09:36:36 -0500
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20111105 Thunderbird/8.0

On 12/9/2011 12:36 AM, Daniel Kahn Gillmor wrote:
> I'm not sure this is OT on sks-devel, unfortunately, so it'll be my last
> post on-list on this thread.

Likewise, although I suspect here is as on-topic a place as we'll find.

> I see two main ways the proposal could use improvement as presented:

I'll reduce my criticisms down to a very simple one:

Trust is a human concept, not a mathematical one.  We all know someone
who trusts someone they shouldn't, even though they know better.  Odds
are good that we're examples of this ourselves (I know I am).

OpenPGP gets around this by using the word "trust" in an extremely
narrow sense, one that makes it useful for a particular task and not
much more.  This proposal never defines trust with sufficient precision
for me to feel comfortable with the document: it attempts to create an
infrastructure to support ... what, exactly?

Until the problem can be precisely and accurately described, no solution
is possible.

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]