How to change trust model

Per Tunedal Casual pt at radvis.nu
Wed May 11 22:05:52 CEST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 03:00 2005-05-11, David Shaw wrote:
 >On Wed, May 11, 2005 at 02:22:28AM +0200, Per Tunedal Casual wrote:
 >> At 00:21 2005-05-11, David Shaw wrote:
 >>  >On Wed, May 11, 2005 at 12:16:03AM +0200, Per Tunedal Casual wrote:
 >>  >
 >>  >> Scenario:
 >>  >> A new user has to quickly download keys to his contacts. The keys
 >>  >> are signed by a mutually trusted CA.
 >>  >> How can he get valid keys to use trusting the CA, rather than
 >>  >> having to check and sign each of them?
 >>  >
 >>  >You don't need trust signatures or any special trust models for this.
 >>  >If you trust the CA, sign the CA key.  If the CA has signed your
 >>  >contacts, then you're done.  The contact keys are now valid.
 >>  >
 >>  >David
 >>  >
 >> Yes, David, you are right. I want a bit more.
 >>
 >> Some contacts may not be directly signed by the CA, then the trust
 >> model will be important, I suppose. How can the signature of the CA
 >> be useful as far down the tree as possible?
 >>
 >> Can you please explain the PGP-model and how to issue trust
 >> signatures (tsign), with the implications for the validity of keys.
 >
 >First, read this:
 >
 >http://download.cryptoex.com/documents/whitepaper/cex2003-pgp-in-unternehmen-en/Tech%20White%20Paper%202002%20-%20Using%20OpenPGP%20in%20Corporations.pdf
 >
 >It's a very good explanation of trust signature concepts.
 >
 >How they are used specifically in GnuPG is via the 'tsign' command.
 >tsign is just like sign (or lsign) except that you are asked a few
 >more questions by GnuPG.  Think of tsign as a combination of a regular
 >signature plus the ownertrust.  This combines two different things
 >from the classic trust model into one signature.
 >
 >First you are asked:
 >
 >   Please decide how far you trust this user to correctly verify other
 >   users' keys (by looking at passports, checking fingerprints from
 >   different sources, etc.)
 >
 >     1 = I trust marginally
 >     2 = I trust fully
 >
 >This is similar to the question you get asked when setting ownertrust.
 >What GnuPG is asking is not how much you trust the user, but how much
 >you trust the user to make good signatures.
 >
 >The next question is:
 >
 >   Please enter the depth of this trust signature.
 >   A depth greater than 1 allows the key you are signing to make
 >   trust signatures on your behalf.
 >
 >The signature depth is how many levels "deep" can the power granted by
 >this signature travel.  For example, a level of 1 means that the key
 >you sign is valid for you (just like a regular signature), but also
 >that the ownertrust for this key is automatically set to MARGINAL or
 >FULL (depending on how you answered the first question).  A level of 2
 >means that the key you sign is valid for you, and the ownertrust is
 >automatically set, AND (assuming the trust made it to FULL) that this
 >key can issue signatures up to level 1 on your behalf.  A level of 3
 >means all that, plus the key can issue signatures up to level 2, etc.
 >
 >You can think of a regular signature as a trust signature with a depth
 >of 0.
 >
 >The next question:
 >
 >   Please enter a domain to restrict this signature, or enter for none.
 >
 >This allows you to restrict (by domain name) the power of the
 >signature.  For example, let's say that you wanted to make a level 2
 >signature on a CA key for a particular company.  You should be careful
 >with making any level above 1, so you want to restrict this to that
 >company.  By giving a restriction of companyname.com here, only
 >signatures issued by the CA key on keys in companyname.com will take
 >effect.
 >
 >That's pretty much it.  If you think about it, tsign is not generally
 >useful outside of hierarchical environments with CAs.  Some people are
 >in hierarchical environments though, and this lets them interoperate.
 >
 >Incidentally, you can combine tsign with any of the other signing
 >types (lsign, nrsign) in any combination you like: ltsign is a local
 >trust signature, nrltsign is a nonrevocable local trust signature,
 >etc.
 >
 >David
 >
Hi again David,
now I tried:
1. Creating one Root-CA, signing a CA-key by:
gpg --edit-key keyid
tsign
with 2 = I trust fully
and
  depth = 2

2. Letting a "user key" sign the Root-CA-key with
ltsign
with 2 = I trust fully
and
  depth = 2

Result:
Keys signed by the CA-key are valid for the user.

Questions:
Please explain the depth in detail.

A. Would it be sufficient to choose depth = 1 for both trust
signatures above?
B. What happens if a key signed by the CA signs another key with an
ordinary exportable signature?
C. Why choose depth = 2? A scenario?

Per Tunedal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html

iD8DBQFCgmWPpPsTvNtsBX8RAmPlAJ9FiGjvWCyuZbQGeVmxxhO38FyXrgCfQDHb
Su2RKtnglJAtPGHtEciOD6s=
=O6iV
-----END PGP SIGNATURE-----
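
The depth and domain rules quoted in this message, as an added example that is not part of the original thread and is not GnuPG's own code: a small model in which each hop consumes one level of depth and a domain restriction limits which keys a signer's signatures take effect on. It assumes full trust only (marginal trust is left out), and the key names, the `valid_keys` and `per_scenario` helpers and the rule that a restriction is inherited down the chain are constructed for illustration.

```python
from collections import deque

ROOT_DEPTH = 255  # the user's own key: ultimately trusted, no practical depth limit


def valid_keys(own_key, sigs, uid):
    """Return {key: delegated depth} for every key that is valid for own_key.

    sigs: list of (signer, signee, depth, domain); depth 0 is a regular
          signature, domain None means no restriction.
    uid:  {key: e-mail address}, consulted only for domain restrictions.
    """
    power = {own_key: ROOT_DEPTH}  # how far each key's delegated power reaches
    limit = {own_key: None}        # domain restriction on what that key may certify
    queue = deque([own_key])
    while queue:
        signer = queue.popleft()
        if power[signer] < 1:      # valid key, but not a trusted introducer
            continue
        dom = limit[signer]
        for s, signee, depth, domain in sigs:
            if s != signer:
                continue
            if dom and not uid.get(signee, "").lower().endswith("@" + dom):
                continue           # outside the restricted domain: no effect
            granted = min(depth, power[signer] - 1)  # one level used per hop
            if signee not in power or granted > power[signee]:
                power[signee] = granted
                limit[signee] = domain or dom  # assumption: restriction is inherited
                queue.append(signee)
    del power[own_key]
    return power


def per_scenario(depth):
    """Constructed chain: user -> Root-CA -> CA -> contact -> other key."""
    return [("user", "root-ca", depth, None), ("root-ca", "ca", depth, None),
            ("ca", "contact", 0, None), ("contact", "other", 0, None)]


if __name__ == "__main__":
    for d in (2, 1):
        print("depth", d, valid_keys("user", per_scenario(d), {}))
```

Keys missing from the returned mapping are not valid in this model; a key with delegated depth 0 is valid but its own signatures validate nothing further.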




