Module cargo_crev::doc::user::trust
Trust and Web of Trust
The goal of this document is to help users understand trust in crev (and cargo-crev).
Web of Trust
Trust proofs
Any identity can generate and sign a trust proof to express direct trust in another identity.
Example:

```
-----BEGIN CREV TRUST-----
version: -1
date: "2019-04-28T22:05:05.147481998-07:00"
from:
  id-type: crev
  id: FYlr8YoYGVvDwHQxqEIs89reKKDy-oWisoO0qXXEfHE
  url: "https://github.com/dpc/crev-proofs"
ids:
  - id-type: crev
    id: YWfa4SGgcW87fIT88uCkkrsRgIbWiGOOYmBbA1AtnKA
    url: "https://github.com/oherrala/crev-proofs"
trust: low
-----BEGIN CREV TRUST SIGNATURE-----
02BF0i1K0O7uR8T5UHzymqTo65P9R7JDuvfowZuHb3ubW8kd2-Fbl4jSv0n08ZdSU9P_E2YLWvEJrVQDYfjVCg
-----END CREV TRUST-----
```
Identity FYlr8YoYGVvDwHQxqEIs89reKKDy-oWisoO0qXXEfHE trusts identity YWfa4SGgcW87fIT88uCkkrsRgIbWiGOOYmBbA1AtnKA. Notably, trust proofs include trust level information (the trust field).
cargo-crev builds the WoT from all the available trust proofs and calculates a personal trust set from it.
When calculating the trust set, crev recursively traverses the graph from the given root identity. This makes trust transitive.
The root identity is typically the current identity of the user, but it can be specified arbitrarily with the --for-id argument.
effective trust level
While traversing the graph, crev keeps track of an effective trust level for each trusted identity. In simple terms: if R is the root identity, R trusts X with a low trust level, and X trusts Y with a high trust level, then R will have a low effective trust level for Y, because the effective trust level for Y can't exceed the effective trust level for X.
More precisely: the effective trust level of R for Y is equal to the maximum of:
- the direct trust level of R for Y (if available), and
- for every already trusted identity Xi that also trusts Y, the lower of:
  - the direct trust level of Xi for Y
  - the effective trust level of R for Xi
Or in other words: for R to have a given effective trust level for Y, there has to exist at least one path from R to Y where every previous node directly trusts the next one at a level at least as high.
That's because any effective trust level can only be as high as the highest effective trust level
Depth of the WoT
While traversing the trust graph to calculate the WoT, cargo-crev keeps track of the distance from the root ID. How far from the root it will reach can be controlled by the following command line options:

```
--depth <depth>
--high-cost <high_cost>
--medium-cost <medium_cost>
--low-cost <low_cost>
```

The cost options set how much a hop taken at that trust level adds to the distance, and --depth caps the distance at which identities are still included. This allows flexible control over transitive trust. For example:

```
--high-cost 1 --medium-cost 1 --low-cost 1 --depth 1
```

would effectively make cargo-crev use only directly trusted identities.
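To make the effective-trust rule from the previous section and the depth/cost controls above concrete, here is an added example in Rust. It is not code from crev or cargo-crev: a small web-of-trust traversal over already-verified trust edges that computes, for a root, the best bottleneck trust level reachable within a cost budget. Assumptions that the page does not spell out: each hop adds the cost configured for the level it is taken at, path costs are summed and compared against --depth, identities beyond that are dropped, and the numbers used in main are illustrative rather than cargo-crev's defaults. Signature verification of proofs, distrust, and review filtering are left out. The names TrustEdge, DistanceParams, trust_set and sample_edges are mine, and the sample graph is constructed.

```rust
use std::cmp::min;
use std::collections::{BTreeMap, VecDeque};

/// Trust levels from the `trust:` field; variant order is the comparison order.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum TrustLevel { Low, Medium, High }

/// A trust proof reduced to the edge it expresses: `from` trusts `to` at `level`.
/// Only proofs whose signature verified should become edges; that step is not shown.
#[derive(Clone, Debug)]
pub struct TrustEdge {
    pub from: String,
    pub to: String,
    pub level: TrustLevel,
}

/// Traversal limits in the shape of `--depth`, `--high-cost`, `--medium-cost` and
/// `--low-cost`: every hop adds the cost of the level it was taken at, and an
/// identity whose path cost exceeds `depth` is not reached (assumed semantics).
#[derive(Clone, Copy, Debug)]
pub struct DistanceParams {
    pub depth: u64,
    pub high_cost: u64,
    pub medium_cost: u64,
    pub low_cost: u64,
}

impl DistanceParams {
    fn cost(&self, level: TrustLevel) -> u64 {
        match level {
            TrustLevel::High => self.high_cost,
            TrustLevel::Medium => self.medium_cost,
            TrustLevel::Low => self.low_cost,
        }
    }
}

/// Effective trust level of `root` in every reachable identity (root excluded):
/// effective(root, Y) = max over paths root -> .. -> X -> Y within `depth` of
/// min(effective(root, X), direct(X, Y)). A longer path may carry a higher level,
/// so each identity keeps every (level, distance) label that no other label
/// dominates, and the best level among its labels is reported.
pub fn trust_set<'a>(
    root: &'a str,
    edges: &'a [TrustEdge],
    params: DistanceParams,
) -> BTreeMap<&'a str, TrustLevel> {
    let mut adj: BTreeMap<&str, Vec<(&str, TrustLevel)>> = BTreeMap::new();
    for e in edges {
        adj.entry(e.from.as_str()).or_default().push((e.to.as_str(), e.level));
    }
    let mut labels: BTreeMap<&str, Vec<(TrustLevel, u64)>> = BTreeMap::new();
    let mut queue: VecDeque<(&str, TrustLevel, u64)> = VecDeque::new();
    queue.push_back((root, TrustLevel::High, 0)); // the root fully trusts itself
    while let Some((x, level_x, dist_x)) = queue.pop_front() {
        for &(y, direct) in adj.get(x).map(Vec::as_slice).unwrap_or(&[]) {
            let level_y = min(level_x, direct); // bottleneck: cannot exceed trust in X
            let dist_y = dist_x + params.cost(direct);
            if y == root || dist_y > params.depth { continue; }
            let labs = labels.entry(y).or_default();
            // Skip if a label at least as trusted and at least as close already exists.
            if labs.iter().any(|&(l, d)| l >= level_y && d <= dist_y) { continue; }
            labs.retain(|&(l, d)| !(level_y >= l && dist_y <= d)); // drop dominated ones
            labs.push((level_y, dist_y));
            queue.push_back((y, level_y, dist_y));
        }
    }
    labels
        .into_iter()
        .map(|(id, labs)| (id, labs.iter().map(|&(l, _)| l).max().unwrap()))
        .collect()
}

/// Constructed sample graph (short labels, not real crev identities):
/// R -low-> X -high-> Y, R -high-> W -medium-> Y, Y -high-> Z.
pub fn sample_edges() -> Vec<TrustEdge> {
    let edge = |from: &str, to: &str, level: TrustLevel| TrustEdge { from: from.to_string(), to: to.to_string(), level };
    vec![
        edge("R", "X", TrustLevel::Low),
        edge("X", "Y", TrustLevel::High),
        edge("R", "W", TrustLevel::High),
        edge("W", "Y", TrustLevel::Medium),
        edge("Y", "Z", TrustLevel::High),
    ]
}

fn main() {
    let edges = sample_edges();
    // Cost and depth values are illustrative, not cargo-crev's defaults.
    let params = DistanceParams { depth: 10, high_cost: 0, medium_cost: 1, low_cost: 5 };
    println!("{:?}", trust_set("R", &edges, params)); // {"W": High, "X": Low, "Y": Medium, "Z": Medium}
    // Every hop costs 1 and depth is 1: only the directly trusted X and W remain.
    let direct = DistanceParams { depth: 1, high_cost: 1, medium_cost: 1, low_cost: 1 };
    println!("{:?}", trust_set("R", &edges, direct)); // {"W": High, "X": Low}
}
```

Two things the sample graph shows that the prose only states: Y ends up at medium rather than low because the high/medium path through W beats the low/high path through X (the best path wins, and its weakest hop sets the level), and the all-costs-1, depth-1 setting from the text reduces the set to R's direct trustees. Keeping several non-dominated labels per identity matters because a cheaper path can carry a lower level than a more expensive one; a plain shortest-path search would report the wrong level in that case.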
Filtering reviews
In addition to control over how the WoT is calculated, it is possible to filter the package reviews used by other criteria.
The --trust option restricts verification of packages to reviews created by identities of a given trust level (or higher).
The following options:

```
--thoroughness <thoroughness>
--understanding <understanding>
```

filter reviews by their qualities.
Finally:

```
--redundancy <redundancy>    Number of reviews required [default: 1]
```

controls how many trusted reviews are required to consider a package trustworthy.