[Enigmail] Color Coding

Harry Rickards hrickards at l33tmyst.com
Sun May 3 05:34:43 PDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John W. Moore III wrote:
> Harry Rickards wrote:
> 
>> Ok, thanks. If the bar turns green when I sign it it's not that much of
>> a big deal, but do you know if there's anyway so that if the key is
>> *not* signed, but is trusted fully the bar turns green?
> 
> This will entail a description of Depth of Trust.  By that I mean that
> if You are verifying the Sig on a message made with a Key that You have
> _not_ Signed but the Key is Signed by another Key on Your Keyring that
> You have Trust Signed with a Depth of Trust greater than Zero then the
> Enigmail Bar will show Green.  Depth of Trust indicated how many 'hops'
> or 'ripples in the Trust pool' Your Signature extends.
> 
> i.e.  I tsign Your Key with a Depth of Trust of 2 then You sign Alice's
> Key.  I haven't Signed Alice's Key yet when I receive a Signature from
> Alice the Enigmail Bar will show Green because I signed Your Key & You
> have signed Alice's.  If I receive a Message from someone whose Key has
> been signed by Alice the same thing will occur.  This is because the
> 'hops' are 2 Sigs away from My Key.  If I had Signed  Your Key with a
> Depth of Trust of 1 then only Keys Signed by Your Key will show Green
> but Sigs made by folks whose Key You have Signed will show Blue because
> I haven't indicated via My Trust signature that I am extending Trust by
> proxy beyond Your Signature.
> 
> Clear as Mud?  You can also read the GnuPG Manual regarding the tsign
> Command.  In PGP this is indicated by looking at the Signatures on a
> Key.  Standard/Normal exportable sigs have a Trust Depth of 0 and will
> be indicated with a Yellow Pencil but Trust Sigs [PGP calls 'em Trusted
> Introducer] will be indicated with a Black Pencil.
> 
> Owner Trust is determined by the simple presence of Your Signature on a
> Key.  Calculated Trust is determined based upon the Depth of Trust
> extending from a Signature on the Key being verified.
> 
> HTH
> 
> JOHN ;)
> Timestamp: Sunday 03 May 2009, 08:12  --400 (Eastern Daylight Time)

Ok, thanks for the explanation. That clears my problem up.

- --
Many thanks
Harry Rickards (a.k.a l33tmyst)

- -----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT/GCM/GCS/GCC/GIT/GM d? s: a? C++++ UL++++ P- L+++ !E W+++ N o? K+
w--- O- M- V-PS+  PE Y+ PGP++ t 5 X R tv-- b+++ DI D---- G e* h! !r y?
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkn9j2MACgkQ1kZz3mRu0GooCQCg5noJcJXgDS/VDZNKrnKIiqFG
huYAn2ziuikveHr2P5Y36abfM2t/dqtj
=XDHk
-----END PGP SIGNATURE-----

More information about the Enigmail mailing list