Engine/RatingsTable

Message Ratings In the Wake of New Key Defaults after KER

Note: * indicates a don’t-care condition; --- marks a column that is inapplicable to the situation.

The table is written with the expectation that known communication partners haven’t exchanged trustwords; change “reliable” entries to “trusted” where necessary.

Also, “Sender key has extant good trust entry for user for signing key” is a wobbly category. My presumption is that there is a trust DB entry for the key that is extant on entry and good after processing the message. The reason is that the message may import a key renewal: the key would have been expired on entry but good afterwards, and it should be considered a “good” extant trust rating after the fact when evaluating whether we had a good extant entry for the signer key in the table below.

We also don’t discuss mistrust and other bad trust statuses in the table; those obviously take precedence, as they always have.

Expected message ratings based on various factors
| Message Version | Encrypted | Verifiable (Signed and we have key) | Contains sender claim | Sender has default key on receipt | Sender has default key after decryption | Sender key has extant good trust entry for user for signing key | Signer matches claim | Rating |
|---|---|---|---|---|---|---|---|---|
| * | N | * | * | * | * | * | * | PEP_rating_unencrypted |
| * | Y | N | * | * | * | * | * | PEP_rating_unreliable |
| OpenPGP / p≡p 1.0 | Y | Y | --- | * | N | --- | --- | PEP_rating_unreliable. Sender didn't import a default or have one, and we didn't set it via TOFU. It was verifiably signed by SOMEONE, however... key is in our DB, but isn't our default? |
| OpenPGP / p≡p 1.0 | Y | Y | --- | N | Y (TOFU) | * | --- | PEP_rating_reliable |
| OpenPGP / p≡p 1.0 | Y | Y | --- | Y | Y | N | --- | PEP_rating_unreliable (NOT TOFU) |
| OpenPGP / p≡p 1.0 | Y | Y | --- | * | Y | Y | --- | PEP_rating_reliable |
| p≡p 2.1 | Y | Y | * | * | * | * | N | PEP_rating_b0rken |
| p≡p 2.1 | Y | Y | Y | N | Y | N | Y | PEP_rating_reliable (TOFU) |
| p≡p 2.1 | Y | Y | Y | Y | * | N | Y | PEP_rating_unreliable |
| p≡p 2.1 | Y | Y | Y | * | N (no TOFU) | Y | Y | Shouldn’t happen. We should have imported this “good” key as a TOFU default |
| p≡p 2.1 | Y | Y | Y | * | Y | Y | Y | PEP_rating_reliable |
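
The table as a first-match lookup in C, added here as an illustration and not taken from the p≡p engine. It treats “*” and “---” alike as wildcards, returns a placeholder string for the row that has no rating, and leaves out mistrust handling and the reliable-to-trusted upgrade, as the table does; `expected_rating`, the enum names and the placeholder are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example. Only the PEP_rating_* names come from the table;
   every other identifier here is hypothetical. */
enum { ANY = -1, NO = 0, YES = 1 };      /* ANY stands for both "*" and "---" */
enum { OPENPGP_OR_PEP1 = 0, PEP2_1 = 1 };
enum { VERSION, ENCRYPTED, VERIFIABLE, HAS_CLAIM, DEFAULT_ON_RECEIPT,
       DEFAULT_AFTER, GOOD_TRUST, SIGNER_MATCHES, N_FACTS };
#define SHOULD_NOT_HAPPEN "(shouldn't happen)"   /* the table's row without a rating */

typedef struct { int when[N_FACTS]; const char *rating; } rating_row;

/* One entry per table row, in the table's order. */
static const rating_row TABLE[] = {
    {{ANY,             NO,  ANY, ANY, ANY, ANY, ANY, ANY}, "PEP_rating_unencrypted"},
    {{ANY,             YES, NO,  ANY, ANY, ANY, ANY, ANY}, "PEP_rating_unreliable"},
    {{OPENPGP_OR_PEP1, YES, YES, ANY, ANY, NO,  ANY, ANY}, "PEP_rating_unreliable"},
    {{OPENPGP_OR_PEP1, YES, YES, ANY, NO,  YES, ANY, ANY}, "PEP_rating_reliable"},
    {{OPENPGP_OR_PEP1, YES, YES, ANY, YES, YES, NO,  ANY}, "PEP_rating_unreliable"},
    {{OPENPGP_OR_PEP1, YES, YES, ANY, ANY, YES, YES, ANY}, "PEP_rating_reliable"},
    {{PEP2_1,          YES, YES, ANY, ANY, ANY, ANY, NO }, "PEP_rating_b0rken"},
    {{PEP2_1,          YES, YES, YES, NO,  YES, NO,  YES}, "PEP_rating_reliable"},
    {{PEP2_1,          YES, YES, YES, YES, ANY, NO,  YES}, "PEP_rating_unreliable"},
    {{PEP2_1,          YES, YES, YES, ANY, NO,  YES, YES}, SHOULD_NOT_HAPPEN},
    {{PEP2_1,          YES, YES, YES, ANY, YES, YES, YES}, "PEP_rating_reliable"},
};

/* facts[GOOD_TRUST] must be sampled after the message is processed, so a key
   renewal carried by the message itself counts as a good extant entry.
   Returns NULL when no row of the table covers the combination. */
const char *expected_rating(const int facts[N_FACTS]) {
    for (size_t r = 0; r < sizeof TABLE / sizeof TABLE[0]; r++) {
        int f = 0;
        while (f < N_FACTS && (TABLE[r].when[f] == ANY || TABLE[r].when[f] == facts[f]))
            f++;
        if (f == N_FACTS)
            return TABLE[r].rating;       /* first matching row wins */
    }
    return NULL;
}

int main(void) {
    /* Constructed input: 2.1 message, known sender whose key is good after processing. */
    int renewal[N_FACTS] = {PEP2_1, YES, YES, YES, YES, YES, YES, YES};
    printf("%s\n", expected_rating(renewal));
    return 0;
}
```

A `NULL` return marks a combination the table does not list, which a caller should handle explicitly.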