On Wed, Jun 17, 2009 at 01:49:55PM +0200, martin f krafft wrote:
This would also eliminate people that have fake ID from places
that most people wouldn't recognise at all -- we're almost bound
to have a local that will recognise it as fake, and so not sign.
By adding the denouncement procedure that key will get signed by
nobody at the key signing, rather then getting signed by quite
a lot of the people who would have been convinced.
You are putting *way* too much weight and importance into the
government-issued document, and basically none into the identity of
the holder. Seriously: we're supposed to be certifying identities,
not the authenticity of a government document.
I thought this was suitably rebutted years ago after the DC6 keysigning. To
bring up the same arguments again looks like trying to win by getting the
last word...
The government IDs are relevant because when we're collaborating on an OS
where there's minimal code review of the work done by maintainers and a
well-chosen malicious package could cause millions or billions of dollars in
damage to our users, we[1] want to be able to hold someone accountable in
the real world. Not an "identity", but a physical person that we can
prosecute and send to jail.
Since governments are in charge of jails, government IDs are therefore the
best tool we have available for this, without significantly compromising our
scalability.