[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trust and Transitivity

To: Tony Bartoletti <azb@llnl.gov>
Subject: Re: Trust and Transitivity
From: "E. Gerck" <egerck@laser.cps.softex.br>
Date: Thu, 22 May 1997 22:35:40 -0300 (EST)
Cc: spki@c2.net
In-Reply-To: <199705222346.QAA23534@cheetah.llnl.gov>
Reply-To: "E. Gerck" <egerck@laser.cps.softex.br>
Sender: owner-spki@c2.net

On Thu, 22 May 1997, Tony Bartoletti wrote:

-> Ed Gerck wrote "However, trust is not transitive."
-> 
-> I believe that, functionally speaking, trust IS transitive, in as much as we
-> speak to the limited domains of trust represented by signed (auth tag) certs.
-> 
-> When I sign your key with the tag X, I am saying that I trust you to be
-> (honest, knowledgeable, use-good-judgement) in matters of X.  I may not
-> trust Khaddafi in such matters, or think that I do not, but if YOU do and
-> you are basing your actions on his behalf, than I am implicitly trusting
-> Khaddafi.  Had I known that you get your direction from Khaddafi, I might
-> not have placed trust in you in the first place, but that is a another issue.
-> 

Tony:

No. Your example actually proved my assertion.

To make it more clear, let me use a quantitative example.

Suppose:

1. Skywalker signs Alice's key with tag X, so Skywalker trusts Alice in
matters of X,

2. Skywalker meets Bob and Bob decides that he trusts Skywalker in matters
of X.

The question is: "Can you say that Bob trusts Alice in matters of X, based
on the two assertions before?" 

The answer is "No". Let's see why.

The action here is that Skywalker is referring Alice to Bob -- that is,
Bob "borrows trust" from Skywalker regarding Alice but Bob does not have
to "buy" the whole story.  

In other words, this is NOT a transitive behavior because you CANNOT
guarantee that if Skywalker trusts Alice with degree "a" and if
Bob trusts Skywalker with degree "b" then Bob trusts Alice
with degree "c" such that c = a * b. 

For example, Bob may trust 100% Skywalker to be who Skywalker claims to be
and also what Skywalker claims to do in matters of X, but MAY NOT trust
Skywalker's choice of friends! (this would mean a=1, b=1, but c=0)

This is a common misconception, which I have avoided -- for example -- in
my discussion of PGP in an Overview paper published in
http://novaware.cps.softex.br/mcg.htm

Cheers,

Ed Gerck

______________________________________________________________________
Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
http://novaware.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533

Follow-Ups:

Re: Trust and Transitivity

From: Camillo Särs <Camillo.Sars@DataFellows.com>

References:

Trust and Transitivity

From: azb@llnl.gov (Tony Bartoletti)

Prev by Date: Re: Trust and Transitivity
Next by Date: Re: Trust and Transitivity
Prev by thread: Re: Trust and Transitivity
Next by thread: Re: Trust and Transitivity
Index(es):
- Main
- Thread