[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them

On Thu, 2009-08-06 at 09:15 +0200, Andreas Tille wrote:
> On Thu, Aug 06, 2009 at 09:10:10AM +0200, Petter Reinholdtsen wrote:
> > Personally, I prefer it if people just upload the signatures on my key
> > directly into the keyservers, and I ask the people I sign keys for if
> > it is OK for me to do the same.  It is less work for me, and I am not
> > really worried about the people I sign keys for not controling the
> > email address they claim to have, after seeing them around in the
> > project for a while. :) If you do not believe the person in front of
> > you is telling the truth, I believe it is better to not sign the
> > key. :)
> 
> IMHO this thread leads directly to a new meta-information on the
> KSP list:
> 
>    Do you prefer direct upload to keyservers?: yes / no
> 
> This should be printed on the list and people could handle accordingly.

I don't mind such a flag being added to the lists, but please don't
expect me to honor it.

Bdale
Reply to: