Re: Global PKI on DNS?

Ok, we are getting somewhere now.

So, I ask, where does trust come from in PKI if not from transmission 
via some third-party CERT issuer, which I understand to be a use of 
transitivity of trust from the CERT buyer, through the CA, to the 
relying party.

Maybe this is erroneous thinking, but if so, please explain how 
the trust information is passed from the CERT holder through the CA 
to the cert recipient who will use it as a basis of trust.  To me, 
this looks like transitivity.

A trusts B; C trusts A; therefore C trusts B????

Cheers...\Stef

At 5:15 PM -0400 6/14/02, Stephen Kent wrote:
>Stef,
>
>>Hi Steve -- Now we are beginning to connect with the real meta issue.
>>
>>I am talking about "Trust Transitivity" in general.
>>We agree that the DNS offers no trust functions, useful or otherwise.
>>So, my focus is not on PKI as related to DNS, which is what you 
>>addressed here.
>>
>>It is the fundamental issue of trust transitivity in PKI.
>>
>>I will concede that PKI is transitive in terms of "connectedness" as is DNS.
>>Both have relations of relatedness, but this does not confer 
>>transitivity on trust.
>>Trust still has to be earned, not awarded, in any case.
>>
>>I am questioning the validity of the widely held assumption that trust is
>>(or can be) transitive in PKI (or anywhere for that matter).
>>
>>So, back to my basic question:
>>
>>Is trust transitive anywhere under any conditions?
>>
>>I question that it is, until someone proves that:
>>
>>	"Trust is transitive somewhere/anywhere in real life";
>>
>>and then prove that:
>>
>>	"Trust is transitive in PKI Theory";
>>
>>and then prove that:
>>
>>	"Trust is transitive in PKI reality".
>>
>>HINT:  It will help if you can refer to some Formal Logical Theory of TRUST.
>>
>>First, forget PKI and forget DNS, and show that trust is transitive 
>>somewhere under some describable conditions.  Then show that trust 
>>is transitive in PKI.
>>
>>I know that many people assume that Trust is transitive in PKI.
>>I am not asking about popular opinion here.
>>We need some formally logical facts.
>>If you have some, please show them to us.
>>
>>Cheers...\Stef
>
>This is getting tiresome. I have the feeling that you do not read my 
>messages to the end. I'll keep this short:
>
>	- I have never stated that trust is transitive; in fact, I 
>have given numerous talks and written a number of papers that state 
>the opposite, so my position has been consistent and on the record 
>for many years.
>
>	- although many popular PKIs (including PGP) assume 
>transitive trust, this is not an intrinsic feature of PKIs.
>
>	- a PKI in which each CA is authoritative for the name space 
>in which it issues certs need not involve transitive trust.
>
>	- cross-certification in such a PKI need not involve trust; 
>it can merely represent a recognition by one CA of the authority of 
>another CA for a different part of a name space
>
>In the case of DNS, where authority for each part of the name space 
>is well defined, I argue that having the folks who are responsible 
>for the domains assume the role of CA for their domains is a natural 
>way to create a PKI that attests only to the binding of DNS names to 
>keys. I maintain that this does not involve transitive trust.
>
>Steve
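The model Kent describes in the quoted message (each CA authoritative only for its own part of the DNS name space, so that a valid signature chain is "connectedness" but not transitive trust) can be made concrete with a small path validator. The following is an added example, not code from either correspondent or from any IETF draft: the certificate structure, the `in_zone`/`validate` functions and the DNS-shaped hierarchy (root, `com`, `example.com`, `www.example.com`) are constructed here for illustration, and HMAC tags stand in for asymmetric signatures purely so the script runs offline. The point it shows is that a CA for `example.com` can sign anything it likes, and the chain will still verify cryptographically, but a relying party that enforces name-space authority at every step rejects names and delegations outside that CA's zone.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed illustration; not code from the thread. HMAC tags stand in for
# asymmetric signatures so the script runs offline; the point being shown is
# the name-space check, which is independent of the signature algorithm.


@dataclass(frozen=True)
class Cert:
    subject: str              # DNS name: a zone for a CA, a host for a leaf
    issuer: str               # subject of the CA that signed this cert
    key: bytes                # toy key of the subject (stand-in for a public key)
    permitted: Optional[str]  # zone this CA may issue under; "" = root (every name); None = not a CA
    sig: bytes                # issuer's tag over (subject, issuer, key, permitted)


def _tbs(subject: str, issuer: str, key: bytes, permitted: Optional[str]) -> bytes:
    """The to-be-signed fields, serialised unambiguously."""
    return "|".join([subject, issuer, key.hex(), "<leaf>" if permitted is None else permitted]).encode()


def _tag(signer_key: bytes, data: bytes) -> bytes:
    return hmac.new(signer_key, data, hashlib.sha256).digest()


def issue(ca: Cert, subject: str, key: bytes, permitted: Optional[str]) -> Cert:
    """A CA signs a cert. Deliberately does NOT refuse out-of-zone names: a rogue
    or compromised CA can sign anything. Enforcement belongs to the relying
    party, in validate()."""
    return Cert(subject, ca.subject, key, permitted,
                _tag(ca.key, _tbs(subject, ca.subject, key, permitted)))


def self_signed(subject: str, key: bytes, permitted: str) -> Cert:
    return Cert(subject, subject, key, permitted,
                _tag(key, _tbs(subject, subject, key, permitted)))


def in_zone(name: str, zone: str) -> bool:
    """True if name is the zone itself or lies beneath it. "" is the DNS root.
    The leading dot matters: notexample.com is not under example.com."""
    return zone == "" or name == zone or name.endswith("." + zone)


def validate(chain: list, anchor: Cert) -> tuple:
    """chain is [leaf, ..., CA issued directly by anchor]. Walks from the anchor
    downward, narrowing authority at every step. Returns (ok, reason)."""
    if not chain:
        return False, "empty chain"
    parent = anchor
    for cert in reversed(chain):
        if parent.permitted is None:
            return False, f"{parent.subject} is not a CA"
        if cert.issuer != parent.subject:
            return False, f"{cert.subject}: issued by {cert.issuer}, expected {parent.subject}"
        expected = _tag(parent.key, _tbs(cert.subject, cert.issuer, cert.key, cert.permitted))
        if not hmac.compare_digest(expected, cert.sig):
            return False, f"{cert.subject}: signature does not verify"
        # Connectedness is now established. The authority checks below are what
        # keep trust from flowing transitively: an issuer speaks only for its
        # own zone, and may delegate no more authority than it holds.
        if not in_zone(cert.subject, parent.permitted):
            return False, f"{cert.subject}: outside the authority of {parent.subject}"
        if cert.permitted is not None and not in_zone(cert.permitted, parent.permitted):
            return False, f"{cert.subject}: may not be delegated {cert.permitted!r} by {parent.subject}"
        parent = cert
    return True, "ok"


# Constructed DNS-shaped hierarchy: root -> com -> example.com -> host.
ROOT = self_signed(".", b"root-key", "")
COM = issue(ROOT, "com", b"com-key", "com")
EXAMPLE = issue(COM, "example.com", b"example-key", "example.com")
WWW = issue(EXAMPLE, "www.example.com", b"www-key", None)

# The example.com CA signs things it has no authority for. The signatures are
# valid (the chain is connected), but a relying party anchored at the root
# rejects both because authority does not carry across zone boundaries.
ROGUE_LEAF = issue(EXAMPLE, "www.example.net", b"rogue-key", None)
OVERREACH_CA = issue(EXAMPLE, "sub.example.com", b"sub-key", "com")

if __name__ == "__main__":
    for label, chain in [("legitimate host", [WWW, EXAMPLE, COM]),
                         ("rogue leaf", [ROGUE_LEAF, EXAMPLE, COM]),
                         ("overreaching sub-CA", [OVERREACH_CA, EXAMPLE, COM])]:
        print(f"{label}: {validate(chain, ROOT)}")
```

Two things worth noticing. First, `issue` happily signs the rogue certificates; the security property lives entirely in `validate`, because what a CA is willing to sign says nothing about what a relying party should accept. Second, anchoring directly at `EXAMPLE` (a relying party that only trusts the example.com operator for example.com names) validates `WWW` just as well, which is the "authority over a name space, not general trust" reading of the quoted message.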

