Re: Why did the PGP Web of Trust fail?

The only provably scalable trust scheme to date that I'm aware of is the "four corner model" used by banks.

That is, clients trust their respective banks, which in turn trust each other.

A downside of that model is that it is hard to combine with end-2-end security.

Anders

On 2018-06-20 21:11, Henry Story wrote:
> Hi all,
> 
>     I wrote a blog post entitled perhaps a little teasingly
> with the title of this thread. This followed a longer
> entry on Digital Sovereignty I wrote, where I get into
> the concept of an institutional Web of Trust. This led
> Prof Bryan Ford in the distributed/decentralised systems
> group at EPFL in Lausanne to ask why that Web of Trust would
> be more successful and avoid the problems of the PGP one.
> 
> So I had to look into what the exact problems with the PGP
> web of trust were. But as certain obvious limitations were
> clear from reading the PGP spec and as I thought it would
> be unjust to tie them to such accidental errors I imagined
> what would happen if they evolved to using the W3C Verifiable
> Claims standards.
> 
> https://medium.com/@bblfish/what-are-the-failings-of-pgp-web-of-trust-958e1f62e5b7
> 
> Please let me know if I have misunderstood something.
> I am covering quite a lot of ground here.
> 
> Feedback very much welcome :-)
> 
> Henry Story
> http://co-operating.systems/
> 

Received on Wednesday, 20 June 2018 20:02:35 UTC