
Re: [Debconf-discuss] GPG keysigning?

2009/6/17 martin f krafft <madduck@debconf.org>:
> also sprach Philip Hands <phil@hands.com> [2009.06.17.1126 +0200]:
>> The reason that I suggest shouting is, that despite that meaning
>> that there may be a certain amount of chaos at the start as the
>> dodgy keys are flushed out, it will establish a norm of rejecting
>> dodgy ID, which should work against the default group-think that
>> would be encouraging people not to make a fuss, and so err on the
>> side of generosity.
> On the subject of a dodgy ID:
>  http://lists.debian.org/debian-devel/2006/05/msg01463.html
> and of course
>  http://madduck.net/blog/2006.05.27:keysigning-again/
>  http://madduck.net/blog/2007.06.27:keysigning-in-edinburgh/
>  http://madduck.net/blog/2008.01.28:on-the-point-of-keysigning/

I was one of the guys who immediately recognised you at the KSP in Edinburgh
and I have no idea how you interpreted my reaction. I remember asking for a real
ID after openly recognising your Transnational Republic ID, then you asked me
why I think that makes any difference.

Before the KSP, thanks to your old posts I decided I would only sign keys for
people that I at least saw (talked to) once before and who appeared to be who
they claimed to be in the view of the other people present there. OTOH, for
people visibly chasing signatures or being sloppy when checking the ID or not
even looking at me, I decided I will not sign their keys.

>> This would also eliminate people that have fake ID from places
>> that most people wouldn't recognise at all -- we're almost bound
>> to have a local that will recognise it as fake, and so not sign.
>> By adding the denouncement procedure that key will get signed by
>> nobody at the key signing, rather than getting signed by quite
>> a lot of the people who would have been convinced.
> You are putting *way* too much weight and importance into the
> government-issued document, and basically none into the identity of
> the holder. Seriously: we're supposed to be certifying identities,
> not the authenticity of a government document.

Indeed, some people at the KSP were visibly not familiar with the Romanian
passport, and although it looked like many other passports, that document is
in no way a warranty that I am acting in good faith *within* Debian and that
they are actually seeing the person that claims to be Eddy Petrișor in the
Debian sphere.

Some of those people decided to sign my key although I had no contact with
them before or after the KSP.

IMO, *that* is plain wrong!

Good thing that I revoked that key meanwhile.

> The only real improvement I know thus far is small groups around
> people with well-connected keys (cf. Edinburgh), and a short (!),
> mandatory lecture up front on what keysigning endeavours to achieve,
> and where the weaknesses are.

I know I appreciated Don's explanations on why only checking the SHA1 sum[1]
and cross confirming the SHA1 and fingerprint were correct were enough to make
sure I and any other person were talking at all times about the same pair of
keys.

Also, I remember asking later more knowledgeable people about how and why
*they* consider a key as signing worthy at any given point in time.

[1] on the condition that I printed myself the document on a trusted printer

"Imagination is more important than knowledge" A.Einstein
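The two checks Don explained (everyone holds the identical key list, confirmed by reading its digest aloud, and each owner confirms their own fingerprint line) as an added example; this is not code from the thread or from Debian's keysigning tooling, and the key list, key id and fingerprint in it are constructed values.

```python
"""Keysigning-party list checks (added example, not from the thread).

Protocol as discussed: every participant downloads and prints the same key
list, the organiser reads the list's digest aloud so everyone confirms they
hold the identical document, and each owner then confirms the fingerprint
printed for their key.  The list below is constructed; no real key.
"""
import hashlib
import hmac
import re

# Constructed entry in the usual "gpg --fingerprint" layout (not a real key).
KSP_LIST = """\
001  [ ] Fingerprint OK        [ ] ID OK
pub   4096R/0x89ABCDEF01234567 2009-01-01
      Key fingerprint = 0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567
uid                  Example Participant <participant@example.invalid>
"""

_PUB_RE = re.compile(r"^pub\s+\S+/(?:0x)?([0-9A-Fa-f]{8,16})")
_FPR_RE = re.compile(r"Key fingerprint = ([0-9A-Fa-f ]+)")


def normalize_hex(value):
    """Drop grouping spaces and case so printed and spoken values compare."""
    return re.sub(r"\s+", "", value).upper()


def list_digest(text, algorithm="sha1"):
    """Digest of the list exactly as distributed (SHA-1 was the 2009 choice)."""
    return hashlib.new(algorithm, text.encode("utf-8")).hexdigest().upper()


def verify_list_digest(text, spoken_digest, algorithm="sha1"):
    """True only if the local copy's digest equals the digest read aloud."""
    return hmac.compare_digest(list_digest(text, algorithm), normalize_hex(spoken_digest))


def parse_list(text):
    """Map each key id on the list to its normalized 40-hex fingerprint."""
    keys, current = {}, None
    for line in text.splitlines():
        pub, fpr = _PUB_RE.match(line), _FPR_RE.search(line)
        if pub:
            current = pub.group(1).upper()
        elif fpr and current:
            keys[current] = normalize_hex(fpr.group(1))
    return keys


def cross_check(text, keyid, own_fingerprint):
    """Owner's check: the listed fingerprint equals what gpg shows locally and
    the listed key id is the fingerprint's tail, so both name one key."""
    kid = normalize_hex(keyid)
    kid = kid[2:] if kid.startswith("0X") else kid
    listed, own = parse_list(text).get(kid), normalize_hex(own_fingerprint)
    return listed is not None and hmac.compare_digest(listed, own) and own.endswith(kid)
```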
