X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=website%2Ftrust-models.mdwn;h=789e3a3712174ee3103fbd25191e7a4d39ef5df0;hb=71d180394c3357d2a99e9f1fc6a2fa7514552da9;hp=792c6b65d27aa206ab15caa7e96b2797af505ad7;hpb=47310fe430e417934b582b9aa716a9de473ac46a;p=monkeysphere.git diff --git a/website/trust-models.mdwn b/website/trust-models.mdwn index 792c6b6..789e3a3 100644 --- a/website/trust-models.mdwn +++ b/website/trust-models.mdwn @@ -6,11 +6,11 @@ Monkeysphere relies on GPG's definition of the OpenPGP web of trust, so it's important to understand how GPG calculates User ID validity for a key. -The basic question asked is: For a given User ID on a specific key, -given some set of valid certifications (signatures), and some explicit -statements about whose certifications you think are trustworthy -(ownertrust), should we consider this User ID to be legitimately -attached to this key (a "valid" User ID)? +The basic question that a trust model tries to answer is: For a given +User ID on a specific key, given some set of valid certifications +(signatures), and some explicit statements about whose certifications +you think are trustworthy (ownertrust), should we consider this User +ID to be legitimately attached to this key (a "valid" User ID)? It's worth noting that there are two integral parts in this calculation: @@ -85,7 +85,7 @@ These colon-delimited records say (in order): * `1`: uses new "PGP" trust model (0 would be the "Classic trust model") -- see below * `1220401097`: seconds since the epoch that I created the trust db. * `1220465006`: seconds after the epoch that the trustdb will need to be rechecked (usually due to the closest pending expiration, etc) - * `3`: Either 3 certifications from keys with marginal ownertrust are needed for full User ID+Key validity + * `3`: Either 3 certifications from keys with marginal ownertrust ... * `1`: Or 1 certification from a key with full ownertrust is needed for full User ID+Key validity * `5`: `max_cert_depth` (i'm not sure exactly how this is used, though the name is certainly suggestive)