influence of signature type on trustdb

Niels Laukens niels at dest-unreach.be
Thu Feb 7 15:56:00 CET 2013


On 2013-02-07 15:09, David Shaw wrote:
> On Feb 7, 2013, at 5:12 AM, Niels Laukens <niels at dest-unreach.be> wrote:
> 
>> Hi,
>>
>> I'm trying to figure out what the influence is of the different
>> signature types (0x10-0x13). As far as I can tell, they only _indicate_
>> the signers trust in his own sig, but isn't used in any way by GPG. Is
>> this correct?
> 
> Basically correct. All of the signature types are equal except for 
> the influence of --min-cert-level. By default, that's set to 2, so
> the 0x11 "persona" signature is ignored when building the trustdb. A
> signature whose very definition indicates that the person didn't
> check before making it, is probably one you want to skip :)

OK, would it make sense to use this level in the trust calculation?
Similar to the `marginal` ownertrust: three type 0x12 sigs equivalent to
one type 0x13 sig? With the numbers configurable, preferably.

I guess this would make the trustdb calculations a little more
complicated, because both ownertrust and siglevel need to be taken into
account, but to me it feels like a "better" way.

Or am I missing some obvious reasons why this is a bad idea?

Niels



More information about the Gnupg-users mailing list