On 26/05/2006 at 11:26 David Moreno Garza wrote...
<snip>
> Another dissappointing fact is that some of the people who were at the
> KSP, also signed some of them who weren't. I know this from a first hand
> contact who didn't attend the party (he was in the list, though), and
> received his signed key by mail (and he didn't exchange IDs with anybody
> before or after the KSP, he didn't do any key exchanging or anything at
> all, and he _did_ get some signed keys), probably by four or five
> persons, as I was told. That makes me completely skeptical on attending
> any KSP in the future, what's the point if people don't understand what
> they are doing or if people don't really care to whom they sign keys?
> Where does the web of trust really end?
>
I'm witness of this. I got my key signed by one from the KSP, for
those who don't know I wasn't able to make it, I kindly replied that he
shouldn't ever do that and pointed to the howto and relevant information.
When I told this on IRC some people inquired me on private if it was from
them, that was a bit dissapointing.
I believe we need to put some work on education. Previous to a KSP I
think a GPG/PGP BoF would be good since there will be always new
people, who are not familiar, which doesn't mean necesarily they don't
care.
> Just my 2 pesos cents :)
I wasn't able to exchange money :)
-Rudy
--
Rudy Godoy | 0x3433BD21 | http://stone-head.org ,''`.
http://www.apesol.org - http://www.debian.org : :' :
GPG FP: 0D12 8537 607E 2DF5 4EFB 35A7 550F 1A00 3433 BD21 `. `'
`-
Attachment:
signature.asc
Description: Digital signature