
Re: [Debconf-discuss] Call for keys for keysigning in Edinburgh during DebConf7



On Wed, 2007-05-09 at 13:51 +0100, Philip Hands wrote:
> perhaps all you need to do is to
> make sure that the better connected people in the web-of-trust are evenly
> distributed through the line, and then only bother doing the rotation as
> many times as it takes for someone to get from one well signed person to
> the next -- that is liable to get everyone within about one trust hop of
> where they would get if the keysigning continued to the bitter end, so
> would be equivalent to having a keysigning key that all attendees signed
> and that signed all keys, without the single point of compromise.

> The reason people get laxer as such events go on is that they are aware
> that the person's ID has already been checked by an increasing number of
> people, so perhaps we should just curtail the whole thing after about 10 ID
> checks, or make it clear that after about the 10th check, it's perfectly
> acceptable to wander off.

Well, I *think* this is pretty much what is being suggested for this
year, although I'm not sure.  Certainly it's the kind of approach I was
arguing to anibal/Ganneff should be taken this year.  The "groups" thing
can be viewed as a way of working out the ordering to ensure that, as
you say, "better connected people in the web-of-trust are evenly
distributed".  The advantage of physically standing in separated groups
is the physical one that delays don't propagate as badly.

(Though if you just say "continue until you're tired", I suspect a lot
of people will actually continue a while after that, when they've
already stopped paying attention to what they're doing; it would be more
responsible behaviour, as people who want to keep Debian signatures
trustworthy, to try to make sure people do stop *before* there's a
danger they stop paying attention.)

Re denouncing keys, note that it *is* valid for people to have different
standards.  e.g. I won't sign on the basis of random driving licences I
don't recognise, or some ID document with handwritten details and a
glued-on photo, and don't think others should either -- but someone from
the same country with a good knowledge of the documents might know
enough to judge those kinds of documents.  And I won't sign if the
person looks nothing like the photo they're waving at me, but that's
obviously a personal judgement.

-- 
Moray
