also sprach Philip Hands <phil@hands.com> [2009.06.17.1126 +0200]: > The reason that I suggest shouting is, that despite that meaning > that there may be a certain amount of chaos at the start as the > dodgy keys are flushed out, it will establish a norm of rejecting > dodgy ID, which should work against the default group-think that > would be encouraging people not to make a fuss, and so err on the > side of generosity. On the subject of a dodgy ID: http://lists.debian.org/debian-devel/2006/05/msg01463.html and of course http://madduck.net/blog/2006.05.27:keysigning-again/ http://madduck.net/blog/2007.06.27:keysigning-in-edinburgh/ http://madduck.net/blog/2008.01.28:on-the-point-of-keysigning/ > This would also eliminate people that have fake ID from places > that most people wouldn't recognise at all -- we're almost bound > to have a local that will recognise it as fake, and so not sign. > By adding the denouncement procedure that key will get signed by > nobody at the key signing, rather then getting signed by quite > a lot of the people who would have been convinced. You are putting *way* too much weight and importance into the government-issued document, and basically none into the identity of the holder. Seriously: we're supposed to be certifying identities, not the authenticity of a government document. The only real improvement I know thus far is small groups around people with well-connected keys (cf. Edinburgh), and a short (!), mandatory lecture up front on what keysigning endeavours to achieve, and where the weaknesses are. -- .''`. martin f. krafft <madduck@debconf.org> : :' : DebConf orga team; press officer `. `'` `- DebConf9: 24-30 Jul 2009, Extremadura, ES: http://debconf9.debconf.org "was aus liebe getan wird, geschieht immer jenseits von gut und böse." - friedrich nietzsche
Attachment:
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)