Stef,

>Hi Steve -- Now we are beginning to connect with the real meta issue.
>
>I am talking about "Trust Transitivity" in general.
>We agree that the DNS offers no trust functions, useful or otherwise.
>So, my focus is not on PKI as related to DNS, which is what you
>addressed here.
>
>It is the fundamental issue of trust transitivity in PKI.
>
>I will concede that PKI is transitive in terms of "connectedness" as is DNS.
>Both have relations of relatedness, but this does not confer
>transitivity on trust.
>Trust still has to be earned, not awarded, in any case.
>
>I am questioning the validity of the widely held assumption that trust is
>(or can be) transitive in PKI (or anywhere for that matter).
>
>So, back to my basic question:
>
>Is trust transitive anywhere under any conditions?
>
>I question that it is, until someone proves that:
>
> "Trust is transitive somewhere/anywhere in real life";
>
>and then proves that:
>
> "Trust is transitive in PKI Theory";
>
>and then proves that:
>
> "Trust is transitive in PKI reality".
>
>HINT: It will help if you can refer to some Formal Logical Theory of TRUST.
>
>First, forget PKI and forget DNS, and show that trust is transitive
>somewhere under some describable conditions. Then show that trust
>is transitive in PKI.
>
>I know that many people assume that Trust is transitive in PKI.
>I am not asking about popular opinion here.
>We need some formally logical facts.
>If you have some, please show them to us.
>
>Cheers...\Stef

This is getting tiresome. I have the feeling that you do not read my messages
to the end. I'll keep this short:

- I have never stated that trust is transitive; in fact, I have given numerous
  talks and written a number of papers that state the opposite, so my position
  has been consistent and on the record for many years.
- although many popular PKIs (including PGP) assume transitive trust, this is
  not an intrinsic feature of PKIs.
- a PKI in which each CA is authoritative for the name space in which it
  issues certs need not involve transitive trust.
- cross-certification in such a PKI need not involve trust; it can merely
  represent a recognition by one CA of the authority of another CA for a
  different part of a name space

In the case of DNS, where authority for each part of the name space is well
defined, I argue that having the folks who are responsible for the domains
assume the role of CA for their domains is a natural way to create a PKI that
attests only to the binding of DNS names to keys. I maintain that this does
not involve transitive trust.

Steve
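The name-space-scoped PKI Steve describes, modelled as an added Python example (not code from this thread or from any real PKI): each CA carries the namespace it is authoritative for, a cross-cert can only recognise a sub-namespace of the issuer's own authority, and a leaf is accepted only if its issuing CA is authoritative for that name. All CA names, scopes and certificates below are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Cert:
    subject: str                  # DNS name bound to the key (or the CA's name)
    issuer: str                   # name of the CA that signed this cert
    scope: Optional[str] = None   # CA certs only: namespace this CA is authoritative for

def in_namespace(name: str, scope: str) -> bool:
    """True if `name` equals `scope` or is a subdomain of it (DNS suffix match)."""
    name, scope = name.lower().rstrip("."), scope.lower().rstrip(".")
    return name == scope or name.endswith("." + scope)

def validate(chain: list[Cert], anchors: dict[str, str]) -> tuple[bool, str]:
    """Validate a chain (leaf first, trust anchor last) without transitive trust.

    `anchors` maps a trusted CA name to the namespace the verifier recognises it
    for. Walking down the chain, a CA may only delegate (cross-certify) a
    sub-namespace of its own authority and may only sign leaf names inside it,
    so recognition of authority narrows and never widens along the chain.
    """
    if not chain:
        return False, "empty chain"
    root = chain[-1]
    if root.subject not in anchors:
        return False, f"{root.subject} is not a trust anchor"
    authority = anchors[root.subject]
    for issuer, cert in zip(reversed(chain), reversed(chain[:-1])):
        if cert.issuer != issuer.subject:
            return False, f"{cert.subject} was not issued by {issuer.subject}"
        if cert.scope is not None:                        # CA cert / cross-cert
            if not in_namespace(cert.scope, authority):
                return False, f"{issuer.subject} cannot delegate {cert.scope}"
            authority = cert.scope                        # narrow, never widen
        elif not in_namespace(cert.subject, authority):   # leaf cert
            return False, f"{issuer.subject} is not authoritative for {cert.subject}"
    return True, "ok"

# Constructed sample PKI: one anchor, authoritative for example.com only.
ANCHORS = {"ca.example.com": "example.com"}
ROOT = Cert("ca.example.com", "ca.example.com", scope="example.com")
DELEG = Cert("ca.lab.example.com", "ca.example.com", scope="lab.example.com")
GOOD = Cert("www.lab.example.com", "ca.lab.example.com")
OUTSIDE = Cert("mail.example.org", "ca.lab.example.com")        # outside lab.example.com
WIDEN = Cert("ca.example.org", "ca.example.com", scope="example.org")  # not its namespace

if __name__ == "__main__":
    for chain in ([GOOD, DELEG, ROOT], [OUTSIDE, DELEG, ROOT], [GOOD, DELEG]):
        print(chain[0].subject, validate(chain, ANCHORS))
```

The cross-cert to `ca.lab.example.com` is a recognition of authority over one sub-namespace, and nothing that CA signs for names outside it is accepted, which is exactly the non-transitive property argued for above.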