Wotsap
Home Search News FAQ Mailing lists Download Dissecting the Leaf of Trust Thanks Links	Wotsap FAQ What is Wotsap? Wotsap is a pathfinder for the OpenPGP Web of Trust, which also produces some statistics and similar things which are easy to do when you have a database of all keys and signatures in the largest strongly connected set. Web of what? The OpenPGP Web of Trust. OpenPGP is the most widely used email encryption standard, used by encryption software such as the GNU Privacy Guard. To encrypt to someone or verify someone's signature, you need that persons OpenPGP key. Say you want to verify a digital signature made by Bob. To get Bob's key is easy with some help from keyservers, being sure you got the right key is the tricky part. This is accomplished either by meeting Bob in person and exchanging signatures, or by trusting someone else, who you have met in person, who claims to have met Bob. Or by trusting someone who has met someone who has met Bob. This gives rise to a completely decentralized network of trusts between people. For a more detailed explanation, see the GNU Privacy Handbook or Patrick Feisthammel's explanation. What is the "largest strongly connected set"? A strongly connected set of OpenPGP keys is a set of keys in which a signature path exists from each key to every other key. If two large strongly connected sets exists, it only takes one signature from one of the sets to the other and another signature in the other direction for the two sets to join a form a larger set. Therefore one very large strongly connected set naturally appears, with the rest of them being very small. Since the smaller strongly connected sets are small enough to graph completely using only paper and pen, Wotsap only keeps track of the large strongly connected set. What is "MSD"? MSD, or Mean Shortest Distance, is a measure of how easy a key is to trust. There exists lots of other similar measures, but MSD is easy to understand, fast and easy to calculate and very popular for the OpenPGP Web of Trust. The Shortest Distance between two keys is the minimum number of signatures you have to follow to get from the first key to the second. The Mean Shortest Distance of a particular key is the Mean value of the Shortest Paths from all other keys to that key. Notice the direction the signatures are followed - the MSD of a key is independant on how many signatures that key has made. It would be possible to calculate an MSD value in the other direction too, but that would encourage lots of fake signatures to get a get a low MSD value. Why not include the whole reachable or reaching set? One might imagine including the largest strongly connected set plus the set of keys that can reach that set. However, the advantages are very small. A key owner in that situation has probably just signed a few keys that can be used to reach the rest, and can do searches from those keys instead. Furthermore, including the reaching set will encourage people to sign a random key just to be included. Including the reachable set is a better idea. However, due to techical reasons regarding the way the key information is extracted, that is much more complicated. The reachable set will probably be included some time in the future. As soon as anyone writes the code to do it. How does my key and signatures get into the database? You or someone signing your key uploads your key, with signatures, to a keyserver. By key server syncing, your key soon ends up at the swiss keyserver. The next night the keyserver runs the pks2wot program which extracts information about keys in the largest strongly connected set and their signatures, and saves this information in a .wot file. The .wot file is securely synced to my account at the computer system of Lysator. The .wot file is archived and the working copy of the web server is updated. How secure is it? You should not trust the produced graphs to be secure. Someone with access to the keyserver or to the web server or to the connection between the web server and you could in principle be able to modify the graphs arbitrarily. However, if you verify the signatures yourself the worst thing an attacker can do is make your trust in a key weaker than it should be. Wotsap should together with a graph show a command line for GnuPG which can be used to verify all signatures in that graph, in a format that is easy verify that is corresponds to the graph. This will happen as soon as I figure out what that kind of command line looks like. I'm guessing new features will need to be added to GnuPG for this. What does those boxes and arrows mean? The boxes are OpenPGP keys. An arrow from box A to box B means that key A has signed key B. The color of the arrow signals the certification check level (see e.g. --default-cert-level in GnuPG documentation) of the signature. How often is the database updated? Every EU night if everything is working OK. If something goes wrong, the update might be delayed. Take a look at the .wot download directory to see when it has been updated in the past. Why is my key not included? For a key to be included, it needs to be available on the swiss keyserver. and it needs to be part of the largest strongly connected set. If you believe a key should be included but it is not, follow these steps: Find your key on the Swiss server using this form. If the key is not available there, you will have to upload it, wait a couple of days and try again. Verify that the latest version of your key is on that server. Sometimes the key servers seems to fail to sync completely for some reason. Check that the required signatures show up in the verbose search result. If signatures are missing, upload the latest version of your key to the key server manually. The next time a .wot file is generated, your key should be included. Find a path on the keyserver from your key to any key that is included. Find a path on the keyserver from any included key to your key. Wait until the next time the Wotsap database is updated. This should take less than 24 hours. Look at the latest database information to see when it was last updated. If you key is still not included you have found a bug. Send me an email describing the situation. Can I link to you? Of course. Even the URLs for graphs and other searches are quite stable now. If you study them you see that there are two kinds of URLs. The first sort is a search URL where all parameters are coded as HTML form data sets. This kind of URL can specify most keys as search strings. These URLs are immediately redirected to a more stable URL where all mandatory parameters are coded in the path and only optional parameters are coded as HTML form data sets. These URLs can only contain proper KeyIDs and should be much more stable. (There is also an old obsolete URL type which is kept only for backwards compatibility.) May I use the .wot files for other projects or make other derivative works? Of course. There are already others who have done that. You may use the Wotsap code itself under the GNU GPL and/or use the .wot files. I would of course like to know about other things based on Wotsap, but that is merely a wish, not a legal requirement. I found a bug. No bugs are currently known. If you have found another bug, please send an email to me or to a mailing list you find appropriate and describe the problem (or send a patch). I have a neat idea. Great! Please send an email to me or to a mailing list you find appropriate and describe the idea (or send a patch).
Jörgen Cederlöf <jc+wotsap@lysator.liu.se>

Wotsap

Wotsap FAQ

What is Wotsap?

Wotsap is a pathfinder for the OpenPGP Web of Trust, which also produces some statistics and similar things which are easy to do when you have a database of all keys and signatures in the largest strongly connected set.

Web of what?

The OpenPGP Web of Trust. OpenPGP is the most widely used email encryption standard, used by encryption software such as the GNU Privacy Guard. To encrypt to someone or verify someone's signature, you need that persons OpenPGP key. Say you want to verify a digital signature made by Bob. To get Bob's key is easy with some help from keyservers, being sure you got the right key is the tricky part. This is accomplished either by meeting Bob in person and exchanging signatures, or by trusting someone else, who you have met in person, who claims to have met Bob. Or by trusting someone who has met someone who has met Bob. This gives rise to a completely decentralized network of trusts between people. For a more detailed explanation, see the GNU Privacy Handbook or Patrick Feisthammel's explanation.

What is the "largest strongly connected set"?

A strongly connected set of OpenPGP keys is a set of keys in which a signature path exists from each key to every other key. If two large strongly connected sets exists, it only takes one signature from one of the sets to the other and another signature in the other direction for the two sets to join a form a larger set. Therefore one very large strongly connected set naturally appears, with the rest of them being very small. Since the smaller strongly connected sets are small enough to graph completely using only paper and pen, Wotsap only keeps track of the large strongly connected set.

What is "MSD"?

MSD, or Mean Shortest Distance, is a measure of how easy a key is to trust. There exists lots of other similar measures, but MSD is easy to understand, fast and easy to calculate and very popular for the OpenPGP Web of Trust. The Shortest Distance between two keys is the minimum number of signatures you have to follow to get from the first key to the second. The Mean Shortest Distance of a particular key is the Mean value of the Shortest Paths from all other keys to that key. Notice the direction the signatures are followed - the MSD of a key is independant on how many signatures that key has made. It would be possible to calculate an MSD value in the other direction too, but that would encourage lots of fake signatures to get a get a low MSD value.

Why not include the whole reachable or reaching set?

One might imagine including the largest strongly connected set plus the set of keys that can reach that set. However, the advantages are very small. A key owner in that situation has probably just signed a few keys that can be used to reach the rest, and can do searches from those keys instead. Furthermore, including the reaching set will encourage people to sign a random key just to be included.

Including the reachable set is a better idea. However, due to techical reasons regarding the way the key information is extracted, that is much more complicated. The reachable set will probably be included some time in the future. As soon as anyone writes the code to do it.

How does my key and signatures get into the database?

You or someone signing your key uploads your key, with signatures, to a keyserver.
By key server syncing, your key soon ends up at the swiss keyserver.
The next night the keyserver runs the pks2wot program which extracts information about keys in the largest strongly connected set and their signatures, and saves this information in a .wot file.
The .wot file is securely synced to my account at the computer system of Lysator.
The .wot file is archived and the working copy of the web server is updated.

How secure is it?

You should not trust the produced graphs to be secure.

Someone with access to the keyserver or to the web server or to the connection between the web server and you could in principle be able to modify the graphs arbitrarily. However, if you verify the signatures yourself the worst thing an attacker can do is make your trust in a key weaker than it should be.

Wotsap should together with a graph show a command line for GnuPG which can be used to verify all signatures in that graph, in a format that is easy verify that is corresponds to the graph. This will happen as soon as I figure out what that kind of command line looks like. I'm guessing new features will need to be added to GnuPG for this.

What does those boxes and arrows mean?

The boxes are OpenPGP keys. An arrow from box A to box B means that key A has signed key B. The color of the arrow signals the certification check level (see e.g. --default-cert-level in GnuPG documentation) of the signature.

How often is the database updated?

Every EU night if everything is working OK. If something goes wrong, the update might be delayed. Take a look at the .wot download directory to see when it has been updated in the past.

Why is my key not included?

For a key to be included, it needs to be available on the swiss keyserver. and it needs to be part of the largest strongly connected set. If you believe a key should be included but it is not, follow these steps:

Find your key on the Swiss server using this form. If the key is not available there, you will have to upload it, wait a couple of days and try again.
Verify that the latest version of your key is on that server. Sometimes the key servers seems to fail to sync completely for some reason. Check that the required signatures show up in the verbose search result. If signatures are missing, upload the latest version of your key to the key server manually. The next time a .wot file is generated, your key should be included.
Find a path on the keyserver from your key to any key that is included.
Find a path on the keyserver from any included key to your key.
Wait until the next time the Wotsap database is updated. This should take less than 24 hours. Look at the latest database information to see when it was last updated.
If you key is still not included you have found a bug. Send me an email describing the situation.

Can I link to you?

Of course. Even the URLs for graphs and other searches are quite stable now. If you study them you see that there are two kinds of URLs. The first sort is a search URL where all parameters are coded as HTML form data sets. This kind of URL can specify most keys as search strings. These URLs are immediately redirected to a more stable URL where all mandatory parameters are coded in the path and only optional parameters are coded as HTML form data sets. These URLs can only contain proper KeyIDs and should be much more stable. (There is also an old obsolete URL type which is kept only for backwards compatibility.)

May I use the .wot files for other projects or make other derivative works?

Of course. There are already others who have done that. You may use the Wotsap code itself under the GNU GPL and/or use the .wot files. I would of course like to know about other things based on Wotsap, but that is merely a wish, not a legal requirement.

I found a bug.

No bugs are currently known. If you have found another bug, please send an email to me or to a mailing list you find appropriate and describe the problem (or send a patch).

I have a neat idea.

Great! Please send an email to me or to a mailing list you find appropriate and describe the idea (or send a patch).

Jörgen Cederlöf <jc+wotsap@lysator.liu.se>