Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers Request free information on products written about or advertised in BYTE Submit a press release, or scan recent announcements Talk with BYTE's staff and readers about products and technologies

ArticlesHow PGP Calculates Trust

February 1995 / Core Technologies / The PGP Web of Trust / How PGP Calculates Trust

When you add a new public key to your public-key ring, trust processing proceeds as follows: 

1. If you own the key, a value of ultimate trust is automatically assigned to
   the trust field. Otherwise, PGP asks that you assign a trust assessment to
   the key's owner. You can specify that this owner is unknown, untrusted,
   marginally trusted, or completely trusted.

2. When the new public key is added to the ring, one or more signatures
   can be attached to it. (More signatures can be added later.) When a
   signature is inserted into the entry, PGP searches the public-key ring
   to see if the author of this signature is among the known public-k
ey
   owners. If so, the owner trust value for this owner is assigned to the
   signature trust field for this signature. If not, an unknown-user
   value is assigned.

3. The value of the key-legitimacy field is calculated on the basis of the
   signature trust fields present in this entry. If at least one signature
   has a value of ultimate trust, then the key legitimacy value is set
   to complete. Otherwise, PGP computes a weighted sum of the trust values.
   A weight of 1/X is given to signatures that are always trusted, and
   a weight of 1/Y is given to signatures that are usually trusted, where
   X and Y are user-configurable parameters. When the total weights of
   those introducing a key/UserID combination reaches 1, the binding
   is considered to be trustworthy, and the key legitimacy value is set
   to complete. Thus, in the absence of ultimate trust, at least X
   signatures that are always trusted or Y signatures that are usually
   trusted (or some combination thereof) is nee
ded.
Up to the Core Technologies section contentsGo to previous article: The PGP Web of TrustSearchSend a comment on this articleSubscribe to BYTE or BYTE on CD-ROM  
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network