[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: encodings, character sets, general requirements
azb@llnl.gov (Tony Bartoletti) writes:
>Regarding ...
>>
>> > Other requirements:
>> > - Trust model must be a web (people want to choose whom they trust).
>> > People must be able to choose whom they trust or consider
>> > reliable roots (maybe with varying reliabilities).
>>
>>The trust model should be a "constrained web", not the current PGP
>>free-for-all.
>> - Bill
>
>Are we dictating a single trust model, or simply asserting that we must
>support "web" and "contrained-web" models, among others? Certainly, the
>effort to explore a simpler certificate should nevertheless aim for support
>of varied trust models.
Web trust models seem to be a more general approach to the problem
and I have yet to find a non-web trust model which could not be emulated
using a web trust model (you just have to be careful about stipulating
who is the "center" of the web and the relationships that can be drawn
from this.) OTOH I have not done a complete study of all of the possible
trust models which might be necessary, is there an example of a trust
system which cannot be expressed through a web model that someone can
present? If the constrained web model has the capability of being able
to express all other models then it seems like a good system to use...
jim