Change Details

Heiko Schaefer suggested to me that there was some strange things happening in GnuPG's "Web of Trust" calculations. {F21856141} Running the above script we see: ``` $ ./wot-strangeness : Alice trust-signs Bob with full (depth 2) : Bob trust-signs Carol with full (depth 1) : Bill trust-signs Carol with marginal (depth 1) : Carol certifies Dave Alice's view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [ full ] Dave : Alice trust-signs Bill with marginal (depth 2) Alice's revised view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [marginal] Dave $ ``` Specifically: Alice tsigning Bill *reduces* her confidence in the validity of Dave's certificate. How is it possible that adding a trust-signature would reduce validity? Before that final tsign, the graph looks like this: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [full] 🡕ⓜ1 Bill ``` and Dave's certificate is considered fully valid. But after Alice adds the marginal tsig to Bill, Dave's certificate is only marginally valid: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [marginal] ⓜ2 🡖 🡕ⓜ1 Bill ``` What's going on here? Is there something i'm misunderstanding about how the GnuPG evaluates marginal trust signatures?

Heiko Schaefer suggested to me that there was some strange things happening in GnuPG's "Web of Trust" calculations. {F21856141} Running the above script we see: ``` $ ./wot-strangeness : Alice trust-signs Bob with full (depth 2) : Bob trust-signs Carol with full (depth 1) : Bill trust-signs Carol with marginal (depth 1) : Carol certifies Dave Alice's view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [ full ] Dave : Alice trust-signs Bill with marginal (depth 2) Alice's revised view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [marginal] Dave $ ``` Specifically: Alice tsigning Bill *reduces* her confidence in the validity of Dave's certificate. How is it possible that adding a trust-signature would reduce validity? Before that final tsign, the graph looks like this: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [full] 🡕ⓜ1 Bill ``` and Dave's certificate is considered fully valid. But after Alice adds the marginal tsig to Bill, Dave's certificate is only marginally valid: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [marginal] ⓜ2 🡖 🡕ⓜ1 Bill ``` What's going on here? Is there something i'm misunderstanding about how the GnuPG evaluates marginal trust signatures?

Heiko Schaefer suggested to me that there was some strange things happening in GnuPG's "Web of Trust" calculations. {F21856141} Running the above script we see: ``` $ ./wot-strangeness : Alice trust-signs Bob with full (depth 2) : Bob trust-signs Carol with full (depth 1) : Bill trust-signs Carol with marginal (depth 1) : Carol certifies Dave Alice's view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [ full ] Dave : Alice trust-signs Bill with marginal (depth 2) Alice's revised view of Dave: pub ed25519 2025-04-16 [SC] [expires: 2028-04-15] A4D12801C5F7AA0F815B04B1207C982395DCA708 uid [marginal] Dave $ ``` Specifically: Alice tsigning Bill *reduces* her confidence in the validity of Dave's certificate. How is it possible that adding a trust-signature would reduce validity? Before that final tsign, the graph looks like this: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [full] 🡕ⓜ1 Bill ``` and Dave's certificate is considered fully valid. But after Alice adds the marginal tsig to Bill, Dave's certificate is only marginally valid: ``` ⓕ2 ⓕ1 Alice —→ Bob —→ Carol → Dave [marginal] ⓜ2 🡖 🡕ⓜ1 Bill ``` What's going on here? Is there something i'm misunderstanding about how the GnuPG evaluates marginal trust signatures?