LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Web of trust and fingerprints in print

Web of trust and fingerprints in print

Posted Mar 28, 2010 17:29 UTC (Sun) by PO8 (guest, #41661)
In reply to: Web of trust and fingerprints in print by PaulWay
Parent article: Blaze: The Spy in the Middle

Web of trust is the right solution, if you do it right. It models the situation with paper credentialing rather nicely, and society seems to function pretty well on that system.

The key is that each side needs to be able to easily specify an automatically-checkable trust policy that meets its needs. There is no one "right criterion" for deciding whether to trust a counterpart---different situations and different counterparties demand different levels of trust verification. If the web of trust is treated as a credentialing mechanism, and a trust policy is used to check for the right credentials, then this to my mind is a far better solution than any centrally-run identity-based one.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds