Hi,
some organisations use a 'corporate key' to sign stuff ; for example 'spamassessin'. Such keys are signed by the board, but the key signs nothing. I think that is reasonable.
The problem is, such a 'corporate key' is not in the strong set.
How do you feel about extending WOT's to the 'reachable set' ?
-- not much bigger ; I guess some 41000 keys
-- you must extract the 'reachable set' anyway to compute the 'strong set' (that's true, isn't it ??)
-- given the 'reachable set' it is very easy to compute the 'strong set', should you want that.
-- a pathfinder using the 'reachable set' is much more useful, and only a little more difficult to make.
Just an idea ; what do you think ?
Henk Penning
PS. The 'reachable set' is the 'strong set' plus all non revoked, non expired keys reachable from the 'strong set', of course.
HPP
---------------------------------------------------------------- _ Henk P. Penning, Computer Systems Group R Uithof CGN-A232 _/ _ Dept of Computer Science, Utrecht University T +31 30 253 4106 / _/ \ Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 251 3791 _/ _/ http://www.cs.uu.nl/staff/henkp.html M penning@cs.uu.nl _/