1

When signing a key X in the PGP Web of Trust model, I assign the key full validity. Other people who have my key in their key ring can regard X as valid as far as they fully trust me (owner trust).

This mechanism only works if people know which key I have signed. Can I assume that such signing information is stored on key servers? Does this mean that I have to resend my key to a key server after having signed someone's key?

I am a little bit confused, because in "What is the exact meaning of this gpg output regarding trust?" the first answer contains the statement that

... trust is a kind of signature on other keys, it does not get distributed when uploading keys to key servers.

I would not understand how the PGP trust model works if this was true.

null
  • 525
  • 2
  • 13

1 Answers1

2

This mechanism only works if people know which key I have signed. Can I assume that such signing information is stored on key servers?

Yes, certifications are stored on key servers.

Does this mean that I have to resend my key to a key server after having signed someone's key?

You have to upload a key, but not yours, instead upload the certified key (or ship it to the owner, who can decide whether to upload it or not).


You have to differentiate between different kinds of trust.

Certifications (Signatory Trust)

OpenPGP expects trust in identity to be public, thus certifications being shared. "I believe that Alice is really who she claims to be" is a statement based on facts that can be shared without further implications (maybe apart from network analysis and clustering being possible).

Owner Trust

On the other, you have to decide whom to trust. Certifications issued are only valid, if a key itself is valid (so you can build a trust path to the other user) and you put trust in the certifications of all the users in-between (or partial trust on different paths). "There's Trust and Then There's Trust and Then There's Trust (a nice article on trust in OpenPGP) called this "trust to vouch".

Sharing this kind of trust might have heavy implications. You don't trust in the capabilities to correctly certify others of your boss, wife/husband? They might get this very wrong. It also reveals social connections at a much deeper level, as you have to know the other person to some extend, while you can safely certify a completely stranger's identity by verifying his identity card/passport.

Jens Erat
  • 23,446
  • 12
  • 72
  • 96
  • Thanks. Obviously there are two ways to sign a key. Either you can do this with _gpg --sign-key_ or first you select a key with _gpg --edit-key uid_ and then type "sign". Is there any difference? I chose the second way and now wonder how to to send this information to a key server. – null Jun 18 '15 at 19:21
  • I just found the answer: –sign-key name "Sign a public key with you secret key. This is a shortcut version of the subcommand "sign" from –edit." – null Jun 18 '15 at 19:30
  • Exactly. Trust is issued by running `--edit-key` and a subsequent `trust`. – Jens Erat Jun 18 '15 at 20:01
  • Do I have to manually upload each newly signed key or is there a command to upload all recently changed keys? – null Jun 18 '15 at 20:08
  • `--send-keys` does not require an argument and uploads all public keys. But there might be people around that are _not_ happy if you do so, and want control over their public key (personally, I don't care who uploads my key). – Jens Erat Jun 18 '15 at 20:09