[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trust question (addendum)

A few private messages posed some context difficulties and general
questions regarding the three trust propositions for which I
requested the list's help. I'll summarize them below, as they may be
useful for others.

1. What is the posting's purpose? 

The posting contained two experiments in one ;-)

First, in an area where opinions are very diffuse, it might be a
better idea to discuss and decide by consensus, rather than by logic
-- and such is the *first* experiment.

For example, supose you want to know what is "right": CD-ROM or
CDROM? To resolve the two forms you could look into linguistics and
try to form an opinion. Or, you could just consult Altavista and
count word occurrences of each form and then decide by consensus.

Trust being a concept which is perhaps better understood than
explained offers an opportunity for such approach, where several
inquiring minds in widely different backgrounds might constitute a
reasonable random ensemble from which to extract a consensus view on
trust and on trust relations. 

Second, the trust questions posed arise naturally when one considers
PKIs and there are several divergent readings of them. So, it is
certainly useful to be able to answer them either in an authoritative
way -- either by wide consensus or by truth of logic (clearly, the
preferred method).

2. Will all results be known so anyone can use them or refer to them?

This focused enquiry and the results will be shared, of course, also
with results from other fora.

3. Can I submit a private result or with name withheld?

Yes, you can do it privately, publicly, pseudonimously or

4. I don't immediately see plausible situations for the cases
provided as examples (with A = subscriber, etc.) How are A, B
and C to be interpreted?

The example provided for A, B and C was surely one of several and
just to avoid a lack of context. You can also use B for the CA or
whatever other combination you prefer, or no CA and just take A, B
and C as parties in a contract or as friends in three different PGP
keyrings or as merchant, client and bank in an e-commerce

However, there are indeed several useful situations for the provided
cases even though that does not need to concern us now. For the
analysis at hand, however, you do not have to make any assumptions
about A, B and C. They can just be considered as independent agents
**before** the expressions are applied. 

5. I don't understand what "first FOO then BLAH" means. In your
propositions, I need to know what the grammar means. 

All three propositions have staments with the following form:  
"B trusts C on matters of x" -- which contains placeholders for trust
as a transitive verb: who trusts? who is trusted? trusted for what? 
and as such all three are necessary to qualify the trust
relationship. Note that trust as an intransitive verb would just mean
that x is the universe set (in set theory).

Thus, to be precise, when a statement says "B trusts C on matters of
x" this means that B knows exactly what C will do regarding matters
of x. 

And that's why C is trusted on matters of x by B, because C can be
100% predicted when dealing with matters of x -- no surprises are
expected, as judged by B. In other words, B trusts C to correctly
handle matters of x, whatever they are that B has decided to trust
B with. 

It does not really matter if x is defined as "generation of a random
public-key pair" (ie, something that C will do) or "asking a machine
that is trusted by C to generate a random public-key pair"  (ie,
something that C will choose others to do). 

Thank you for any helpful comments that you can provide on the three
trust propositions, regarding their equivalence or lack of, two at a
time, to wit: 

1.first C trusts B on matters of y and then A trusts C on matters of x
2.first A trusts C on matters of x and then A trusts B on matters of y
3.first A trusts C on matters of x and then C trusts B on matters of y



Dr.rer.nat. E. Gerck                     egerck@novaware.cps.softex.br
    --- Meta-Certificate Group member, http://www.mcg.org.br ---