so it's important to understand how GPG calculates User ID validity
for a key.
-The basic question asked is: For a given User ID on a specific key,
-given some set of valid certifications (signatures), and some explicit
-statements about whose certifications you think are trustworthy
-(ownertrust), should we consider this User ID to be legitimately
-attached to this key (a "valid" User ID)?
+The basic question that a trust model tries to answer is: For a given
+User ID on a specific key, given some set of valid certifications
+(signatures), and some explicit statements about whose certifications
+you think are trustworthy (ownertrust), should we consider this User
+ID to be legitimately attached to this key (a "valid" User ID)?
It's worth noting that there are two integral parts in this
calculation:
* Given that:
- * the key itself is valid, in the first narrow sense used above, and
- * given the UserID's set of cryptographically-correct certifications, and
- * given your personal subjective declarations about who you trust to make certifications (and *how much* you trust them to do this),
+ * the key itself is valid, in the first narrow sense used above, and
+ * given the UserID's set of cryptographically-correct certifications, and
+ * given your personal subjective declarations about who you trust to make certifications (and *how much* you trust them to do this),
is this User ID bound to its key with an acceptable trust path?
* `1`: uses new "PGP" trust model (0 would be the "Classic trust model") -- see below
* `1220401097`: seconds since the epoch that I created the trust db.
* `1220465006`: seconds after the epoch that the trustdb will need to be rechecked (usually due to the closest pending expiration, etc)
- * `3`: Either 3 certifications from keys with marginal ownertrust are needed for full User ID+Key validity
+ * `3`: Either 3 certifications from keys with marginal ownertrust ...
* `1`: Or 1 certification from a key with full ownertrust is needed for full User ID+Key validity
* `5`: `max_cert_depth` (i'm not sure exactly how this is used, though the name is certainly suggestive)