[Back to Keyring Analysis Page]
Key Analysis 10 Aug 2001
The following stats are being pulled from a keyring that was exported from pgp.dtype.org on August 9, 2001. Before reading this, please be sure to view the explanation of this analysis and read the FAQ before asking me any questions about it.
The strong set MSD raw analysis is available here. Please read the FAQ to explain how to read this file. This file includes all keys reachable from the strong set. Look up reports for individual keys in the raw output directory. Now you can see what keys are signed by each key (otherwise very difficult to find).
New This Month
Thanks to Randy Harmon at NAI (pgp.com) for a full dump, and a significant increase in the keyring size. Much of the growth of the keyring came from merging this ring. As always, continued thanks to Peter Wan for his efforts in maintaining global rings.
The individual key analysis now also includes hop count histograms to each key from the strong set.
Special Report - Other Strongly Connected Sets
As mentioned in the explanation, I have chosen to focus on what is by far the largest strongly connected set, which I call the "strong set". There are, however, other smaller sets which are strongly connected. This means that groups of friends are reachable from each other, but have not exchanged signatures with anyone in the larger "strong set".
This month, I've made a scan for _all_ strongly connected sets, from the largest, at size 10,153, to the n-way tie for last place with strongly connected sets of 1.
| Set size | Number of sets |
| 10,153 | 1 |
| 98 | 1 |
| 59 | 1 |
| 34 | 2 |
| 33 | 1 |
| 31 | 1 |
| 29 | 1 |
| 28 | 6 |
| 27 | 1 |
| 26 | 1 |
| 23 | 2 |
| 21 | 1 |
| 20 | 2 |
| 19 | 5 |
| 18 | 1 |
| 17 | 5 |
| 16 | 10 |
| 15 | 16 |
| 14 | 20 |
| 13 | 19 |
| 12 | 22 |
| 11 | 25 |
| 10 | 49 |
| 9 | 82 |
| 8 | 92 |
| 7 | 136 |
| 6 | 244 |
| 5 | 425 |
| 4 | 835 |
| 3 | 1,741 |
| 2 | 5,094 |
| 1 | 35,353 |
As you can see, the largest strongly connected set is orders of magnitude larger than the next biggest (10,153 compared to 98), which at least somewhat validates the decision to focus on this set. Other relatively large strongly connected sets could easily merge with the larger one by simply having _any_ of the set's members exchange signatures with someone in the larger set.
Again, just because there is a path between two keys does not mean that there should be any implied trust. The reason this matters to this report is the math behind these numbers relies somewhat on strongly connected sets.
General statistics
| Size of binary keyring (bytes): | 1,853,471,920 | (+7.52%) | |
| Number of keys: | 1,577,742 | (+7.13%) | |
| Non-revoked keys with at least one non-self sig: | 147,701 | (+5.82%) | |
| Total non-self sigs on those keys: | 302,662 | (+5.72%) |
The "strong set"
| Size of largest strongly connected set: | 10,153 | (+6.18%) | |
| Keys that have signed this set: | 14,811 | (+6.04%) | |
| Keys that this set has signed (target of MSD calculations): | 40,249 | (+5.27%) |
Best connected keys (shortest distance to)
Please read about the mean shortest distance (MSD) calculated here in the analysis explanation. Here are the top 50 keys. Look for your own key in this month's raw analysis (see above). Note that the only keys analyzed were those reachable from the strong set. I've included some of my own comments on people I recognize. I'm sorry if you're listed here without a comment. If you email me a quick phrase to describe what you do that would be of interest to readers, I'll put it in.
The average MSD is 6.6224, in the set of 10,153. The median value is 6.1993.
Go to this keyserver's web interface to look up these keys.
| Rank | Hex ID (last 32b) | Key Name (Identifier) | Comments | MSD |
| 1 | 09590CFD | Peter N. Wan | GA Tech college of computing | 4.0775 |
| 2 | 4F570BA3 | Ingmar Camphausen | PGP security maverick | 4.0855 |
| 3 | 466B4289 | Theodore Ts'o [SIGNATURE] | ext2fstools, Kerberos, LSB, other | 4.1057 |
| 4 | F95C2F6D | Christoph Martin | Debian maintainer & uni-mainz keyserver admin | 4.1537 |
| 5 | 8B4608A1 | Peter N. Wan PNW2048 | GA Tech college of computing | 4.2050 |
| 6 | F081195D | Matthias Bauer | 4.2149 | |
| 7 | 09AC0A6A | L. Sassaman | cypherpunks | 4.2308 |
| 8 | 0A2F87E5 | Niels Provos (#2) | OpenBSD, OpenSSH, IPSEC | 4.2601 |
| 9 | C2009841 | Niels Provos | OpenBSD, OpenSSH, IPSEC | 4.2674 |
| 10 | 0679ED91 | teun.nijssen@kub.nl | Manages SURFnet servers, scanned PGP source code | 4.2884 |
| 11 | C7A966DD | Philip R. Zimmermann | Inventor of PGP | 4.3007 |
| 12 | 0DBF906D | Jeffrey I. Schiller | MIT Security/Network Manager | 4.3037 |
| 13 | 5B0358A2 | Werner Koch | Author of GNU Privacy Guard (GPG) | 4.3064 |
| 14 | 1CF27FD5 | Marc Horowitz | Author of pks PGP keyserver software | 4.3186 |
| 15 | 8531327F | Martin Spill | 4.3376 | |
| 16 | 08C95A15 | SURFnet-Master-Certification-Key | 4.3458 | |
| 17 | DD934139 | Patrick Feisthammel | hosts Swiss PGP keyserver, www.ch.pgp.net | 4.3498 |
| 18 | 66A74B31 | Teun Nijssen | Manages SURFnet servers, scanned PGP source code | 4.3632 |
| 19 | DC4ED62D | Ingmar Camphausen, DFN-PCA | PGP security maverick | 4.3692 |
| 20 | 52D1CAB1 | Nathalie Weiler | Security researcher at ETH Zurich | 4.3728 |
| 21 | 80B07A4F | Theodore Ts'o | ext2fstools, Kerberos, LSB, other | 4.3859 |
| 22 | FAEBD5FC | Philip R. Zimmermann | Inventor of PGP | 4.4020 |
| 23 | 13D9873D | Mirko Dziadzka | 4.4043 | |
| 24 | DA0EDC81 | Phil Karn | 4.4076 | |
| 25 | A094DA25 | Patrick Feisthammel CERTIFICATION ONLY, Key A | 4.4171 | |
| 26 | 28C029AF | Dave Del Torto | 4.4301 | |
| 27 | 46F3212D | LaMont Jones | Debian developer, postfix junkie | 4.4304 |
| 28 | 2B48F6F5 | Ian Goldberg | ISAAC, Crypto guru | 4.4412 |
| 29 | 00292B81 | Nathalie Weiler | Security researcher at ETH Zurich | 4.4432 |
| 30 | E39AF3E9 | Chelo Malagon | 4.4462 | |
| 31 | 2DE30EC1 | CERT Coordination Center | CERT | 4.4498 |
| 32 | 09D3E64D | Greg Rose | USENIX, PGPMoose | 4.4550 |
| 33 | 75BE8097 | Florian Lohoff | 4.4613 | |
| 34 | FE0B386D | Pasztor, Miklos | 4.4633 | |
| 35 | 603F2D01 | Stefan Kelm | 4.4648 | |
| 36 | C158CCED | Florian Lohoff | 4.4685 | |
| 37 | 7362BE39 | Carl Ellison | Chief cryptographer, Intel | 4.4697 |
| 38 | C3FC4C69 | Steven M. Bellovin | Security expert, AT&T Labs | 4.4740 |
| 39 | BB1D9F6D | ct magazine CERTIFICATE | 4.4751 | |
| 40 | 6916C873 | Peter N. Wan PNWGTDH4096 | GA Tech College of Computing | 4.4762 |
| 41 | 8B05342D | Graham King | 4.4802 | |
| 42 | 1FE961A1 | Harald Koenig | 4.4814 | |
| 43 | ED9547ED | Wichert Akkerman | Debian Project Leader emeritus | 4.4856 |
| 44 | 4413B691 | Thomas Lenggenhager | 4.4888 | |
| 45 | E12469C1 | Ruediger Weis | 4.4893 | |
| 46 | 39F37F5D | Lutz Donnerhacke | privacy advocate & security expert | 4.4946 |
| 47 | F086CBB5 | Marcel Waldvogel | 4.4970 | |
| 48 | 961F4A35 | Tatu Ylonen | Inventor of SSH | 4.5010 |
| 49 | F82CEA91 | Simon Cooper | 4.5065 | |
| 50 | 103D4013 | Theodore Ts'o | ext2fstools, Kerberos, LSB, other | 4.5085 |
In the Drew self plug, my own key moved from #272 to #80 with an MSD of 4.6027. This was probably mostly due to a good-sized keysigning at Ottawa Linux Symposium.
For next month
I would still like to see the text key IDs in some of the raw reports, to avoid having to look them up later, but this requires some rewriting in all the sections of code, to hold those text fields in RAM through from import to report. Maybe for September... I certainly wouldn't object to someone contributing this part.
Discussion about this analysis continues on the keyanalyze-discuss mailing list.
If you have any suggestions, please send them my way, especially if you have the algorithms as well. If you're so inclined, please have a look at the code as well.
All original content on this site is copyright (c)2000-2113 M. Drew Streib and licensed under the OpenContent License unless otherwise noted.