Re: Re-thinking Debian membership
Ar 26/10/2008 am 21:57, ysgrifennodd Lars Wirzenius:
> la, 2008-10-25 kello 09:59 +0200, Stefano Zacchiroli kirjoitti:
> > A scenario I want to avoid for example is that newcomers can alter the
> > keyring adding tens of "friends". Such a possibility would imply that
> > if Debian as a project fails *once* in checking IDs and motivations
> > for *a single* newcomer, than that newcomer can screw us badly adding
> > a whole lot of people. I presume the range of nasty scenarios
> > starting from this one is quite big.
> I would like to stress that my proposal says that any changes should be
> easy to undo. This is especially true for anything that may result in
> nasty scenarios. I haven't thought about the mechanics of this yet in
> any particular detail, but there are so many ways in which keyring
> maintenance could be arranged to achieve the goal of my proposal that
> I'm not worried it can't be implemented.
This sounds comparable to the approach used by wikis, sometimes described as
"soft security". It works through revision conrol: letting people see who did
what, and allowing restoring old versions.