PGP Trust Levels and Signature Types Explained
Last time we introduced the basics of how PGP works. This time we cover something slightly more in-depth: signature types and trust levels.
Signatures
To recap, a signature here refers to a cryptographic signature (a certification) on another user's key, stating that you either trust that key or have verified that the key you signed really belongs to the user it claims to.
Signature Types
There are four different types of signature you can attach to a particular PGP key. Note that they are not all mutually exclusive: you can mix and match if you like (in GnuPG's --edit-key menu these are the sign, lsign, tsign and nrsign commands, and they can be combined).
Normal Signature
This is the basic signature type, with nothing extra attached, except possibly a certification level, which we'll cover later.
Trust Signature
A trust signature is rarely used, but it is the mechanism for delegating trust. When making a trust signature, you specify the depth to which it applies (and the amount of trust, marginal or full), which allows the signed key to act as a trusted introducer: its own certifications then count for you, and at depth 2 or more it can in turn make trust signatures on your behalf. Trust signatures therefore also confer a de facto trust level on the signed key for you or anyone who trusts you. This isn't widely used, but if you're organizing several keys of your own, or have some complex trust structure in place in, say, a company or the like, it might be useful. For most users, it's not something you'll be using.
Local Signature
A local signature is a key signature that does not leave your keyring: if you publish the key to a keyserver, or export it, local signatures are not sent along with it (the certification is marked non-exportable, and GnuPG drops it on export unless you explicitly pass the export-local-sigs export option). Reasons for doing this are up to you, but it is a possibility: perhaps you've verified a key well enough for your own use but don't want to vouch for it publicly. You can mark any other signature type as local to prevent it from being sent when the key is published.
Non-Revocable Signature
This is one that should really only be used sparingly, since it gives up one of the fundamental properties of PGP: normally, if you find you signed a key you shouldn't have (or your own key is compromised and used to sign things), you can publish a revocation of that signature to make everyone else treat it as invalid. A non-revocable signature bypasses this: it is a commitment by the signer that the signature cannot be revoked for the life of the signing key, and any later revocation of that signature is ignored. I see very few reasons to ever do this, but the option does exist, for some reason.
Trust Levels
Every key and user ID may be trusted to a certain degree, or not at all. Two separate things are in play here: owner trust, which is how much you trust a key's holder to verify and sign other people's keys (this is what the levels below set), and validity, which is whether you believe a key really belongs to the user ID on it. You can set owner trust on certain keys manually, but the majority of validity should come from trusted keys signing other keys, thus creating... the web of trust.
Unknown
This is the default trust level, where there is not enough information to decide how much to trust a key. Signatures made by such a key carry no weight.
Never
You have explicitly marked a key so that any signatures from it are never trusted, something most commonly used if, say, you know the key holder is compromised, makes bad signatures, or does not verify keys before signing them.
Marginal
Marginal trust means that they're good, but not too good. For a key to be considered valid ("trusted" in the loose sense), it needs signatures from three keys you've given marginal trust to (GnuPG's default, adjustable with --marginals-needed), and those signing keys must themselves be valid.
Full
Full trust should be used for keys that, well... you trust. Unlike marginal trust, full trust only requires one signature on a key to mark it as valid (GnuPG's --completes-needed, default 1).
Ultimate
Only use with your own keys! Ultimate trust is the highest level of trust, and should only be used for your own keys: an ultimately trusted key is valid by definition, with no signatures needed, and it is the root from which the whole web of trust is computed. Others, if well verified, should be given full trust, and, if you're not too certain, use marginal trust.
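As an added example (not code from the original post, and not GnuPG's own code), here is a small Python model of how those thresholds combine into key validity, following GnuPG's classic trust model with its defaults (marginals-needed 3, completes-needed 1, max-cert-depth 5). The key names, owner-trust assignments and certifications are constructed sample data, and the algorithm is simplified: only fully valid keys act as introducers, which is the part that matters for understanding the levels above.

```python
"""Simplified GnuPG-style web-of-trust validity computation.

Added example with a constructed sample keyring, not real keys. Owner trust is
what you assign to a key's holder; validity is what the model derives for a key
from the certifications (key signatures) it carries.
"""

UNKNOWN, NEVER, MARGINAL, FULL, ULTIMATE = "unknown", "never", "marginal", "full", "ultimate"


def compute_validity(owner_trust, certifications,
                     marginals_needed=3, completes_needed=1, max_cert_depth=5):
    """Return {key: validity} with validity in {"ultimate", "full", "marginal", "unknown"}.

    owner_trust:    {key: trust level you assigned to that key's owner}
    certifications: {key: set of keys whose owners signed it}

    Simplifications relative to GnuPG: only fully valid keys act as introducers,
    their owner trust decides how much each certification is worth, and
    certifications made by keys marked NEVER (or with unknown trust) count for nothing.
    """
    keys = set(owner_trust) | set(certifications)
    for signers in certifications.values():
        keys |= set(signers)
    validity = {k: UNKNOWN for k in keys}

    # Your own keys are the roots: ultimately trusted and therefore valid.
    introducers = {k for k, t in owner_trust.items() if t == ULTIMATE}
    for k in introducers:
        validity[k] = ULTIMATE

    for _depth in range(max_cert_depth):
        newly_valid = set()
        for key, signers in certifications.items():
            if validity[key] in (ULTIMATE, FULL):
                continue
            full = marginal = 0
            for signer in signers:
                if signer not in introducers:
                    continue  # an invalid key's signatures carry no weight
                trust = owner_trust.get(signer, UNKNOWN)
                if trust in (ULTIMATE, FULL):
                    full += 1
                elif trust == MARGINAL:
                    marginal += 1
                # NEVER and UNKNOWN owners contribute nothing
            if full >= completes_needed or marginal >= marginals_needed:
                validity[key] = FULL
                newly_valid.add(key)
            elif full or marginal:
                validity[key] = MARGINAL  # some trusted signatures, but not enough
        if not newly_valid:
            break  # nothing new became valid, so deeper rounds cannot change anything
        introducers |= newly_valid
    return validity


# Constructed sample keyring (hypothetical key names, not real key IDs).
SAMPLE_OWNER_TRUST = {
    "me": ULTIMATE,
    "alice": FULL,
    "bob": MARGINAL, "carol": MARGINAL, "dave": MARGINAL,
    "eve": NEVER,
}
SAMPLE_CERTIFICATIONS = {
    "alice": {"me"}, "bob": {"me"}, "carol": {"me"}, "dave": {"me"}, "eve": {"me"},
    "frank": {"alice"},                 # one fully trusted signer -> valid
    "grace": {"bob", "carol", "dave"},  # three marginal signers -> valid
    "heidi": {"bob", "carol"},          # only two marginal signers -> marginal
    "mallory": {"eve"},                 # signed by a key marked NEVER -> unknown
    "ivan": {"frank"},                  # frank is valid but has no owner trust -> unknown
}


def sample_validity():
    return compute_validity(SAMPLE_OWNER_TRUST, SAMPLE_CERTIFICATIONS)


if __name__ == "__main__":
    for key, v in sorted(sample_validity().items()):
        print(f"{key:8s} {v}")
```

Two things worth noticing in the output: eve's key is valid (you signed it yourself) even though her owner trust is never, because validity and owner trust are independent; and ivan's key stays unknown even though frank's key is valid, because you never said how much you trust frank to sign keys. Lowering marginals_needed to 2 makes heidi's key fully valid, which is exactly the knob --marginals-needed turns.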
Signature Certification Levels
When you sign a key with GPG, provided you have the option ask-cert-level enabled, you have the choice of assigning a "certification level" to your signature. This is entirely optional and, unlike signature types and trust levels, carries little weight of its own: the one effect it has on GnuPG's trust calculation is through min-cert-level, which defaults to 2 and therefore disregards level 1 signatures when building the trust database. Beyond that it is an indicator for anyone looking at the key and your signatures, so they can decide for themselves how much faith to put in them.
None Specified
This is the "prefer not to say" option (certification type 0x10). Nothing really special here; no indication given. If you didn't pick an option when signing, or didn't have ask-cert-level turned on to be asked about this in the first place, this is what your signatures are marked as.
No Verification
Also called a sig1 (certification type 0x11, "persona"). Signing someone's key as sig1 indicates that you have not actually verified that the key is theirs. You may believe it is, but have done no actual verification.
Casual Verification
Also called a sig2 (certification type 0x12). You ran a few checks to make sure that the key you're signing belongs to the person identified in it, but nothing too major.
Extensive Verification
Also called a sig3 (certification type 0x13). You are entirely sure that the key you're signing belongs to the user it says it does, and have verified this with extreme confidence, for example by checking the full fingerprint and some identification with the holder in person.