I also think this is worth thinking about.
The concept of co-signing which has been discussed in X.509, and some of the sunlight on certificates concepts seem to me to go into the same space: constructing enough community trust in a *process* that I can make a judgement call on the six degrees of kevin bacon between me, and some unknown PGP identity.
I am not entirely naieve. I know the friend-of-a-friend model has innate weaknesses. But since we also know (Diginotar, Egyptian RA of CNNIC CA) that the hierarchical model has operational weaknesses, I think we've served ourselves a false dichotomy.
This problem feels to me n-dimensional. You touch on one: the tools. I touch on another: the organisational processes which govern use of the tools.
Even just running key parties is a royal pain. I had to call on two subject-matter experts to help me bootstrap the shell level primitives for key exchange after the last one I attended at RIPE-Amsterdam: the code simply didn't *work* with the mail clients we now have. I could sign fine: I couldn't construct the PEM encoded exchange to send back to the people I had co-signed.
Good on you, for bringing this up Harald.
-G
On Tue, Sep 22, 2015 at 3:59 AM, Harald Alvestrand <harald@xxxxxxxxxxxxx> wrote:
Warning: random PGP musings ahead....
it's been obvious to me since the 90s that the hierarchical models of
trust (CAs, corp signing authorities) are simply restricted webs of
trust. So the WoT model is a more general one than the hierarchical one:
you can represent hierarchy as a WoT (the user trusts the root keys,
trust flows from there), but not vice versa.
I've been saddened by the crippled state of WoT-manipulating user
interfaces since roughly forever.
They seem to be utterly incompetent in answering questions like:
- Are there any friends who have signed for this guy?
- Who do I need to trust in order to trust this guy's key?
- Who are the guys that signed this guy's key, and how can I insert them
all into my keystore?
- How well is he connected into the Web of Trust - is it just one arc,
or a good mesh?
And of course they all seem to have been tested with a trustdb of ~20
keys; doing anything on a trustdb the size of my email directory (order
of magnitude 1000) is just too slow for words; copying the signers of my
correspondents' keys into my keystore would render the UI completely
useless.
I believe the Web of Trust has a great potential as a basis on which to
represent many different trust policies. But the current state of tools
to interrogate and update a trustdb according to those policies is
simply not fit for the task.
Harald