Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]

To: debconf-discuss@lists.debconf.org, debian-devel@lists.debian.org
Subject: Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
From: Paul Wise <pabs@debian.org>
Date: Wed, 24 Jun 2009 09:30:52 +0800
Message-id: <[🔎] e13a36b30906231830r646df62fl8ce846ee3224a033@mail.gmail.com>
In-reply-to: <[🔎] 4A41297F.5070905@fifthhorseman.net>
References: <[🔎] 20090617114955.GC19011@piper.oerlikon.madduck.net> <[🔎] 20090622130442.GA27701@lapse.rw.madduck.net> <[🔎] 8763envob5.fsf@anzu.internal.golden-gryphon.com> <[🔎] 4A408B39.8090604@debian.org> <[🔎] 87iqinrqnb.fsf@anzu.internal.golden-gryphon.com> <[🔎] 4A40F932.6060807@debian.org> <[🔎] 874ou6syc8.fsf@anzu.internal.golden-gryphon.com> <[🔎] 4A4115A8.9050005@fifthhorseman.net> <[🔎] 20090623185220.GA31025@piper.oerlikon.madduck.net> <[🔎] 4A41297F.5070905@fifthhorseman.net>

On Wed, Jun 24, 2009 at 3:14 AM, Daniel Kahn
Gillmor<dkg@fifthhorseman.net> wrote:

> I think that misses a critical point; i want to use my OpenPGP key for a
> variety of purposes both in and out of debian.  I consider it a baseline
> tool for managing my digital identity.  While i'm happy to obey
> debian-specific guidelines for debian-specific purposes, i have no
> intention of obeying debian-specific guidelines for projects outside of
> debian, except perhaps by coincidence.
>
> I'm *not* saying that i will sign keys blindly or anything, but there
> are scenarios and groups i interact with where it is meaningful and/or
> useful to sign a role key, a machine key, or a pseudonymous key, for
> example.  If debian makes up some debian-specific guidelines that say
> "you must not sign pseudonymous keys", i cannot follow those
> instructions without changing my key (or having a debian-specific key
> unrelated to my non-debian identity, which seems to defeat the whole
> point of the binding).

Would subkeys help in this scenario? (hint hint, some good docs about
real-world subkey usage are needed).

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
  - From: Philipp Kern <pkern@debian.org>

References:
- Re: [Debconf-discuss] GPG keysigning?
  - From: martin f krafft <madduck@debconf.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: martin f krafft <madduck@debconf.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: Manoj Srivastava <srivasta@acm.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: "Giacomo A. Catenazzi" <cate@debian.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: "Giacomo A. Catenazzi" <cate@debian.org>
- Re: [Debconf-discuss] GPG keysigning?
  - From: Manoj Srivastava <srivasta@debian.org>
- [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
  - From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
  - From: martin f krafft <madduck@debconf.org>
- Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
  - From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Prev by Date: Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices
Next by Date: Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices
Previous by thread: Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
Next by thread: Re: [Debconf-discuss] using OpenPGP notations to indicate keysigning practices [was: Re: GPG keysigning?]
Index(es):
- Date
- Thread