Re: [Debconf-discuss] GPG keysigning?
2009/6/11 Aníbal Monsalve Salazar <anibal@v7w.com>:
> I was thinking about accepting only keys that don't suffer from the
> recently discovered weaknesses.
>
> What people think about that?
If we do that, the new keys will not get signatures by people that
have not generated a new key and thus the only link between the new
and the old keys in the web of trust will be the self-signatures. It
would be better IMHO if all participants (who made a new key) would
use both keys for this signing party and sign all keys with both their
new and their old key thus establishing a much more interwoven web of
trust for the new keys.
Or in other words: you make my new shiny key get less signatures - you meany!
--
Best regards,
Aigars Mahinovs mailto:aigarius@debian.org
#--------------------------------------------------------------#
| .''`. Debian GNU/Linux (http://www.debian.org) |
| : :' : Latvian Open Source Assoc. (http://www.laka.lv) |
| `. `' Linux Administration and Free Software Consulting |
| `- (http://www.aiteki.com) |
#--------------------------------------------------------------#
Reply to: