Re: [Debconf-discuss] Follow-up: additional checks you can do [was: KSP post-mortem: why I won't be able to sign some keys]
Steve Langasek wrote:
> At Manoj's request, I've compiled a list of those KSP participants who, per
> my notes, I saw using photocopies that included the pre-filled checksum;
> this list is attached, for each of you to use (or not, as you wish) as input
> into your own keysigning decisions. You'll have to decide for yourself
> whether this is an attack vector you care about, or if I myself am just a
> no-good troublemaker trying to keep certain people out of the web of trust
> for my own evil reasons. ;)
I'm more in favour of the trouble-maker part. I had a printed copy from
Anibal because I was on the road in Mexico prior to DebConf and couldn't
make a printout in time.
If you would have asked, I would have confirmed you that I had checked the
file by the checksum read aloud by Martin. In fact, my paper did even have
checkmarks on it.
Cheers,
Moritz
Reply to: