wotsap(1) Web of Trust statistics and pathfinder


wotsap [OPTIONS] [bottomkey [topkey]]



is a pathfinder for the OpenPGP Web of Trust, which also produces some statistics and similar things. It obtains the description of the Web of Trust from a .wot file.

OpenPGP is the most widely used email encryption standard, used by encryption software such as the GNU Privacy Guard (see gnupg (7)). To encrypt to someone or verify someone's signature, you need that persons OpenPGP key. Say you want to verify a digital signature made by Bob. To get Bob's key is easy with some help from keyservers, being sure you got the right key is the tricky part. This is accomplished either by meeting Bob in person and exchanging signatures, or by trusting someone else, who you have met in person, who claims to have met Bob. Or by trusting someone who has met someone who has met Bob. This gives rise to a completely decentralized network of trusts between people.

wotsap lets you explore the Web of Trust. It works on a compressed copy of the Web of Trust in the .wot file format, generated daily and distributed on the site of wotsap main writer.

Running wotsap you can specify on the command line just bottomkey, bottomkey and topkey or neither of them. They are the hexadecimal ID of the keys you want to investigate:

• If you don't specify any of bottomkey and topkey, wotsap will just produce some piece of information on the Wot of Trust, such as the total number of key and signatures and the average signatures per key.

• If you specify only bottomkey, wotsap will output detailed statistics about that key: how far are the other key in the Web from this, the Mean Shortest Distance for this key, which key have signed this key or are signed by this key. The Mean Shortest Distance is the average of the distances from all the keys in the Web of Trust to the key you under considaration. The distance from a key to another is the length of a minimal path from the first to the second.

• If you specify either bottomkey and topkey, wotsap will search for all the minimal paths from bottomkey to topkey and output them.


-h --help

Show help.


Show version.

-w --wot=FILE

Read Web of Trust information from FILE. Defaults to ~/.wotsapdb. You can find the latest version of this file (generated daily) at http://www.lysator.liu.se/~jc/wotsap/wots2/latest.wot.

-m --modify=STR

Use STR of WoT modification string.

-g --group

Print signature matrix of comma separated keys. If there aren't any commas in the key specification, wotsap will interpret it as a search string, and print the signature matrix of all the key, whose name or email contains the string.

-G --nounknowns

Don't print unknown keys in the signature matrix.

-o --png=FILE

Write an image of the graph of all the minimal paths between the two specified keys in FILE, in .png file format.

-O --show-png=PRG

Like -o, but shows the image with PRG instead of writing it in a file. More precisely, it saves the minimal paths image in a temporary file, the executes 'PRG image_file' and, when PRG is over, deletes the temporary file.

-s --size=NNNxMMM

With -o or -O options, set the size of the generated image to NNNxMMM.

-F --font=FILE

Use FILE as the font file, in .pil/.pbm format. Point it to the .pil file, with the .pbm file in the same directory. If no font specifications are given, wotsap will try to use some fonts installed in the system, or fall back to a built-in one.

-T --ttffont=FILE

Like -F, but with a TrueType font file.

-S --ttfsize=NUM

With -T, set the TrueType font size. Defaults to 16.

-p --print

Print the whole Web of Trust in human readable format (very long output).

-D --print-debug

Print the debug information in the .wot file.

-d --diff=FILE

Print all differences between two .wot files (namely, between the file specified with -w and that specified with this option).

-M --msd

Just show MSD for the specified key instead of full statistics.

-W --wanted[=NUM]

Show the NUM (defaults to 10) 'most wanted signatures' for key (very long calculation time, try using -r).

-r --restrict=STR

Restrict wanted signatures with STR, implies -W.


This manual page was written by Giovanni Mascellani [email protected] for the Debian(TM) system (but may be used by others), beacause the original program doesn't have a manual page. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation.

On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.


Copyright © 2007 Giovanni Mascellani