Re: [New maintainer] Working for Debian and becoming a registered Debian developer
- To: email@example.com
- Cc: firstname.lastname@example.org
- Subject: Re: [New maintainer] Working for Debian and becoming a registered Debian developer
- From: Carl Mummert <email@example.com>
- Date: Thu, 22 Jul 1999 14:33:00 -0400
- Message-id: <"_7x-wC.A.BRB.2S2l3"@murphy>
- In-reply-to: Message from Antti-Juhani Kaijanaho <firstname.lastname@example.org> of "Thu, 22 Jul 1999 21:32:22 +0300." <19990722213222.C358@ugh.jyu.fi.invalid>
>You really want to make it easy for script kiddies to play with us?
>Faking an official document like a birth certificate is a serious crime.
>I doubt many people would want to go that far just to screw Debian.
Hacking is a serious crime (ask the people who keep getting arrested for it).
Credit card fraud is a serious crime. Kids do both, very often.
If a script kiddie is going to break into the system, is there some reason
to believe that they would be unwilling to forge a birth certificate?
If each new developer were forced to have an old developer sign her pgp key,
this would be an improvement over the current security system, and would
also make it easier and faster to accept new developers.
The fact remains that the debian policy is to discourage new developers
by making it slow and difficult to get an account.